Professional Documents
Culture Documents
The help files are designed to familiarize users with the Cisco Packet Tracer interface, functions, and features. Although the help files may be used as
a reference guide, the pages are meant to be read in order (especially the sections presented at the beginning). Annotated screenshots are used to aid
your understanding. Important notes or tips are presented in tip boxes like the following:
If you are a first-time user, please read the help files in order.
Introduction
Item Description
Protocols LAN: Ethernet (including CSMA/CD*), 802.11 a/b/g/n wireless*, PPPOE
Switching: VLANs, 802.1q, trunking, VTP, DTP, STP*, RSTP*, multilayer switching*, Etherchannel, LACP, PAgP,
IP CEF
TCP/IP: HTTP, HTTPS, DHCP, DHCPv6, Telnet, SSH, TFTP, DNS, TCP*, UDP, IPv4*, IPv6*, ICMP, ICMPv6,
ARP, IPv6 ND, FTP, SMTP, POP3, VOIP(H.323)
Routing: static, default, RIPv1, RIPv2, EIGRP, single-area OSPF, multi-area OSPF, BGP, inter-VLAN routing,
redistribution
Other: ACLs (standard, extended, and named), CDP, NAT (static, dynamic, inside/outside, and overload), NATv6,
Netflow
WAN: HDLC, SLARP, PPP*, and Frame Relay*
Security: IPsec, GRE, ISAKMP, NTP, AAA, RADIUS, TACACS, SNMP, SSH, SYSLOG, CBAC, Zone-based
policy firewall, IPS
QoS: Layer 2 QoS, Layer 3 Diffserv QoS, FIFO Hardware queues, Priority Queuing, Custom Queuing, Weighted
Fair Queuing, MQC, NBAR*
* indicates substantial modeling limitations imposed
Logical Workspace Network topology creation
Devices: generic, real, and modular with customizable images
Routers, switches, hosts (Server, Desktop and Laptop), hubs, bridges, wireless access points, wireless routers,
clouds, ASA, and DSL/cable modems
Device interconnection through a variety of networking media
Multiuser remote networks
Physical Workspace Hierarchy of device, wiring closet, building, city, and intercity views
Structured cabling: create BendPoints and GroupPoints in cables and color code cables
Ethernet cable length display and length limitation connectivity enforcement
Images for devices now customizable and scalable
Loading and scaling of user-created graphics
Wireless association management
Realtime Mode Realtime protocol updates
Medium-fidelity Cisco IOS CLI configuration of routers and switches
Menu based configuration of DHCP, DNS, HTTP, TFTP, Syslog, AAA, and NTP servers
Simulation Mode Packet animation
Global event list (packet sniffer)
OSI Model, Detailed PDU, and Device Table Views
User-defined multiple packet scenarios
Local Authoring and Sharing Extensive file-saving options
Multi-level Activity Wizard for authoring automatically scored practice activities and formative assessment
Challenge Mode allowing users to make device algorithm decisions on packets
Easily translated GUI
Extensive textual and graphical annotation features
External Applications (ExApps) through Inter-Process Communication (IPC)
What's New
Users of previous versions of Packet Tracer will note a variety of new features in this version of Packet Tracer.
Protocol Improvements
Packet Tracer now models these new or improved features:
Netflow
IPv6 CEF
IPv6 IPSEC
o "auto-cost reference-bandwidth"
EIGRP - EIGRPv6 Enhancements
o EIGRPv6 across FR
DHCP Enhancements
o NDv6
Show Commands
o show ip route
Supports Windows 8 and Windows 8.1. Stopped support for Windows Vista.
Activity Wizard
Simulation Mode
New Devices
Security
ASA 5505
Uses for Packet Tracer
For Students
Welcome to the world of computer networking. Packet Tracer can be a fun, take-home, flexible piece of software to help with your CCNA studies,
allowing you to experiment with network behavior, build models, and ask "what if" questions. We hope that Packet Tracer will be useful to you
whatever your goals are in networking, be they further education, certification, employment, or personal fulfillment. We want to emphasize how
important it is for you to also gain in-person, hands-on experience with real equipment as part of preparing to join the community of networking
professionals.
For Instructors
Packet Tracer is a simulation, visualization, collaboration, and assessment tool for teaching networking. Packet Tracer allows students to construct
their own model or virtual networks, obtain access to important graphical representations of those networks, animate those networks by adding their
own data packets, ask questions about those networks, and finally annotate and save their creations. The term "packet tracing" describes an animated
movie mode where the learner can step through simulated networking events, one at a time, to investigate the microgenesis of complex networking
phenomena normally occurring at rates in the thousands and millions of events per second.
A typical instructional event might begin with an instructor posing a networking problem to the student. Students can use Packet Tracer to drag and
drop networking devices (nodes) such as routers, switches, and workstations into logical topology space (the Logical Workspace). They can then
specify the types of interconnections between these devices (links) and configure the devices they created. Once they have designed and configured a
network of nodes and links, they can then launch sample data packets into the network, either in real time, or in a user-controlled simulation mode.
The packets are displayed graphically. The student can step the packet through the network, examining the processing decisions made by networking
devices as they switch and route the packet to its destination. The networks, packet scenarios, and resulting animations can be annotated, saved, and
shared. Many important networking domain knowledge representations are available for the student to pursue various modes of inquiry. Of particular
interest to instructors may be the Activity Wizard, which allows the authoring of answer networks to which students can compare their progress. Also
of possible interest to instructors are Packet Tracer's multi-user feature, whereby different instances of Packet Tracer can be used to create a "virtual
Internet" on a real network.
Packet Tracer is based on three learning principles: learning is active, learning is social, and learning is contextual. Hence, it is meant to facilitate the
creation of engaging, collaborative, and localized instructional materials. Packet Tracer may be used in a variety of ways:
Group work
Formative assessment
Lecture demonstrations
Case studies
Competitions
Concept-builders (model-building inquiries leading to student-created explications and animations of networking concepts)
Skill-builders (algorithmic problem solving in support of the development of networking procedural knowledge)
Troubleshooting challenges (diagnosing, isolating, and fixing the simulated network from a previously bugged network file)
Packet Tracer allows activity authoring for approximately 80% of the topics and skills required for CCNA Certification, and has relevance to CCNA-
Security, CCNP, IT Essentials, and general TCP/IP courses as well. Although the program includes some sample activities, we strongly encourage
you to share activities that you create with others in the CCNA teaching and learning community. In addition, integrated into the Discovery and
Exploration courses are hundreds of already-written Packet Tracer activities.
Getting Started
The best place to get started is to review the help files. The help files contain comprehensive documentation on almost all the features in Packet
Tracer, complete with descriptive text, screenshots, and animated tutorial guides. You may start using the application and come back to the help files
when you have a question. Or you may take a look at "My First PT Lab" which will guide you step by step through some basic features of Packet
Tracer.
Interface Overview
When you open Packet Tracer, by default you will be presented with the following interface:
This initial interface contains ten components. If you are unsure of what a particular interface item does, move your mouse over the item and a help
balloon will explain the item.
1 Menu Bar This bar provides the File, Edit, Options, View, Tools, Extensions, and Help menus. You will find basic commands
such as Open, Save, Save as Pkz, Print, and Preferences in these menus. You will also be able to access the
Activity Wizard from the Extensions menu.
2 Main Tool Bar This bar provides shortcut icons to the File and Edit menu commands. This bar also provides buttons for Copy,
Paste, Undo, Redo, Zoom, the Drawing Palette, and the Custom Devices Dialog. On the right, you will also find
the Network Information button, which you can use to enter a description for the current network (or any text you
wish to include).
3 Common Tools Bar This bar provides access to these commonly used workspace tools: Select, Move Layout, Place Note, Delete,
Inspect, Resize Shape, Add Simple PDU, and Add Complex PDU. See "Workspace Basics" for more information.
4 Logical/Physical You can toggle between the Physical Workspace and the Logical Workspace with the tabs on this bar. In Logical
Workspace and Workspace, this bar also allows you to go back to a previous level in a cluster, create a New Cluster, Move Object,
Navigation Bar Set Tiled Background, and Viewport. In Physical Workspace, this bar allows you to navigate through physical
locations, create a New City, create a New Building, create a New Closet, Move Object, apply a Grid to the
background, Set Background, and go to the Working Closet.
5 Workspace This area is where you will create your network, watch simulations, and view many kinds of information and
statistics.
6 Realtime/Simulation Bar You can toggle between Realtime Mode and Simulation Mode with the tabs on this bar. This bar also provides
buttons to Power Cycle Devices and Fast Forward Time as well as the Play Control buttons and the Event List
toggle button in Simulation Mode. Also, it contains a clock that displays the relative Time in Realtime Mode and
Simulation Mode.
7 Network Component Box This box is where you choose devices and connections to put into the workspace. It contains the Device-Type
Selection Box and the Device-Specific Selection Box.
8 Device-Type Selection This box contains the type of devices and connections available in Packet Tracer. The Device-Specific Selection
Box Box will change depending on which type of device you choose.
9 Device-Specific Selection This box is where you choose specifically which devices you want to put in your network and which connections to
Box make.
10 User Created Packet This window manages the packets you put in the network during simulation scenarios. See the "Simulation Mode"
Window* section for more details.
* You can freely resize the User Created Packet Window (UCPW) by placing the
cursor near the left edge of the window (it will turn into a "resize" cursor) and then drag
the cursor left or right. You can hide the window from view by dragging the edge all the
way to the right. When the UCPW is hidden, you can bring it back by placing the cursor
on the edge (notice when the resize cursor appears) and then dragging the edge back.
Setting Preferences
You can customize your Packet Tracer experience by setting your own preferences. From the Menu Bar, select Options > Preferences (or simply
press Ctrl + R) to view the program settings.
Under the Interface panel, you can toggle the Animation, Sound, and Show Link Lights settings to suit the performance of your system and your
preferences. You can also manage information clutter with the Show Device Labels, Always Show Port Labels, and Show Port Labels When
Mouse Over settings. Also, you can also toggle Show QoS Stamps on Packets shown in Simulation Mode and Enable Cable Length Effects. The
Enable Auto Cable option allows you to toggle the Automatic Connection when connecting devices. The Show Device Dialog Taskbar option
allows you to toggle the taskbar that is displayed at the bottom of the workspace which organizes currently opened device dialogs. The Logging
feature allows the program to capture all Cisco IOS commands that you enter and export them to a text file (refer to the "Configuring Devices" page
for more information). The Simulation - Buffer Full Action feature allows you to set the preferred action that Packet Tracer will perform. You can
set the action to Prompt if you want to be prompted when the Simulation buffer is full. At the prompt, you can either Clear Event List or View
Previous Events. Alternatively, you can set the action to either Auto Clear Event List to allow Packet Tracer to automatically clear the Event List
when the buffer is full or you can set the action to Auto View Previous Events to automatically view the previous events. The Enable Screen
Reader Support accessibility feature reads out all the titles and descriptions of the visible window that has the focus. Lastly, you can also change the
base language of the program by choosing from the Languages list and then pressing the Change Language button.
Under the Administrative panel, you can disable access to a particular interface such as the Interface tab and the Multiuser menu using the
Interface Locking feature. In order settings and configurations to apply globally for every user on the machine, you need to click on the Write
button to save the PT.conf file to the Packet Tracer installation folder. Optionally, you may change the User Folder to a different location which is
where your own settings, configurations, save files, and device templates are stored. Additionally, you can set a Password to prevent others from
tampering with these preferences. Note that the password is case-sensitive.
Under the Hide panel, you can choose to hide or show the Physical, Config, CLI, Desktop, GUI, HTML GUI, and HTML tabs in the device edit
dialog.
Under the Font panel, you can select different fonts and font sizes for the Dialogs, Workspace/Activity Wizard, and the General Interface Under
the Colors category, you can change the font color of the Router IOS Text, Router IOS Background, PC Console Text, and PC Console
Background.
Setting a User Profile
You can set your user profile for activity assessment and Multiuser identification. From the Menu Bar, select Options > User Profile to view the
User Profile dialog. In the User Profile dialog, you can enter your Name, E-Mail, and any Additional Info about yourself that you may want to
share.
Algorithm Settings
The Algorithms Settings dialog allows the user to make configurations that are otherwise not available in IOS. It also allows tweaking of algorithm
settings to make visualization of certain algorithm/protocol behaviors more easily viewable.
CBAC Half-Open Session Multiplier: If the number of half-open CBAC sessions multiplied by this number exceeds the configured max half-open
session count, new sessions would not be opened.
TCP Maximum Number of Connections: If the number of connections in SYN-RECEIVED state exceeds this number, any new connections would
be rejected.
TCP Maximum Number of Opened Sessions: If the number of connections exceeds this number, any new connections would be rejected.
TCP Maximum Retransmission Timeout in Milliseconds : If a TCP connection does not receive an acknowledgement to a segment it transmitted in
this number, it would retransmit the segment.
Switching Storm Control Multiplier: If the bandwidth percentage of broadcast frames used multiplied by this number exceeds the configured
threshold, the broadcast frame would be dropped.
Saving a PKZ
Packet Tracer allows you to save your topology (PKT) as well as any custom device icons and backgrounds that you applied to on the Logical
Workspace and Physical Workspace to a save file called a PKZ. A PKZ is able to retain any external files you add in a single save file, which allows
for portability and compactness from computer to computer. To create a PKZ, go to File > Save as Pkz. Enter a file name for the PKZ and click on
Save. In the Pkz Select Files dialog, you will be able to add and remove files that you want to save along with PKT. To add a file, click on the Add
button and browse to the file you want to add then click Open. To remove a file, select the file from the list then click Remove. Once you are done
adding and removing files, click OK to create the PKZ file.
Be sure to add all custom device image icons and custom backgrounds.
My First Packet Tracer Lab
Introduction
Welcome to Packet Tracer. Research has shown that users who master a few basic tasks when first starting to use Packet Tracer get much more out of
the software. This lab is designed to familiarize a user with Packet Tracer's features. This activity should take approximately 30 minutes to complete.
Use these directions to go through the lab yourself, or view the animated tutorial version of the lab.
Lab Objectives
I. Viewing Help and Tutorials View Tutorial
II. Creating Your First Network View Tutorial
III. Sending Simple Test Messages in Realtime Mode View Tutorial
IV. Establishing a Web Server Connection Using the PC’s Web Browser View Tutorial
Important Terminology
1. ICMP ping: command consisting of an echo request message from one device to another, and the returning echo reply.
3. Ethernet: one of the most common LAN standards for hardware, communication and cabling.
4. Fast Ethernet Interface: 100 Mbps Ethernet port. In Packet Tracer, a GUI may be used to configure such interfaces.
5. OSI model: 7-layer framework for looking at network protocols and devices, consisting of the application, presentation, session, transport,
network, data link, and physical layers.
6. PDU: protocol data unit, a grouping of data appropriate to a given layer in the OSI model.
7. Packets: OSI Layer 3 protocol data units. Represented by envelopes in Packet Tracer Simulation Mode.
8. Device Tables: includes ARP, switching, and routing tables. They contain information regarding the devices and protocols in the network.
9. ARP Table: Address Resolution Protocol (ARP) table, stores pairings of IP Addresses and Ethernet MAC addresses.
10. Scenario: one topology with a set of PDUs placed in the network to be sent at specific times. Using different scenarios, experiment with
different combinations of packets using the same base topology.
2. Open the help content by clicking Help > Contents on the Menu bar. You can also click the question mark on the Main toolbar. Another option
is the F1 shortcut key.
3. The menu will always be visible on the left side of the window while browsing through the help files. Skim through the help sections to get an
idea of the functionality of Cisco Packet Tracer.
4. The What's New section under Introduction provides an overview of features that have been added to Packet Tracer.
5. Pay close attention to the Interface Overview section under Getting Started to familiarize yourself quickly to the Packet Tracer interface.
7. Open the Interface Overview tutorial to learn the basics of the Packet Tracer graphical user interface. Note: Some browsers may prevent the
tutorial from playing. Configure your browser to allow active content to enable the viewing of the tutorial.
8. When the first caption appears, as shown below, click the Pause button in the playback controls.
9. Click the Forward button to skip to the next caption. Then click Pause again. Click the Back button to view the previous caption.
10. Continue viewing the tutorial by pressing the Play button. Parts of the tutorial can also be skipped by dragging the slider to the right. If
needed, click the Rewind button to restart the tutorial.
11. Click Exit to close the tutorial window. Close the help content as well.
Congratulations on learning more about resources that will help you get the most out of Packet Tracer.
1. Start creating a network by first selecting the End Devices. Add a Generic PC and a Generic Server to the workspace.
2. Under Connections, select the Copper Straight-through cable (solid black line) and connect the devices with it. The red lights on the link
indicate that the connection is not working. Now, use the Delete tool to remove the Copper Straight-through cable, and use a Copper Cross-
over cable (dashed line) instead. The lights should turn green at this point. If the mouse pointer is held over either devices, the link status will
be shown as “Up.” The network should look similar to this:
3. Click on the PC. While paying attention to the link lights, turn the power on, off, and on again. Follow the same steps for the server. The link
lights turn red when the device is off. This means that the link is down or is not working. The link lights turn green when the device is turned
back on.
4. Try all three ways to learn about the devices. First, mouse over the devices to see basic configuration information about them. Second, click
on each device with the Select tool to show the device configuration window, which provides several ways to configure the device. Third, use
the Inspect tool to view the tables the network device will build as it learns about the network around it. In this example, open the ARP table.
Since the devices have not been configured yet, the ARP tables are empty. Always remember to close the windows after viewing them or they
will clutter the workspace.
5. Open the PC configuration window and change the settings using the Config tab. Change the display name to Client and set the DNS server to
192.168.0.105. Under Interface, click FastEthernet and set the IP address as 192.168.0.110. Packet Tracer automatically calculates other
parameters. Make sure that the Port Status box is checked. For future reference, note that other Ethernet interface settings, such as bandwidth,
duplex, MAC address, and subnet mask can be modified using this window.
6. Go to the Desktop Tab and click on IP Configuration. Notice that the IP address, subnet mask and DNS server can be changed here as well.
7. Open the Server configuration window and go to the Config tab. Change the display name to Web Server. Click FastEthernet and set the IP
address as 192.168.0.105. Make sure that the Port Status is also on. Click DNS and set the domain name as www.firstlab.com. Set the IP
address as 192.168.0.105 and click Add. Finally, check to make sure that the service for DNS is on.
8. Reposition the network devices by dragging them to a new location. Add a network description by using the “i” button on the upper right
corner. Then add some text labels within the Logical Workspace by using the Place Note tool.
10. Save your work using the File > Save As option and create a meaningful filename.
2. Notice that the file opens in Realtime Mode. Use the Add Simple PDU tool to send a simple one-time ping message, called an echo request, to
the server. The server responds with an echo reply because all devices have properly configured IP address settings.
3. Scroll up and down the User Created Packet Window to see the different capabilities of this ping message, including an indication that the
ping was successful.
4. Toggle the PDU List Window to see a larger display of this message. One or more of these messages can be saved as a scenario. Scenario 0 is
displayed when starting. Label this first scenario with an “i” note. Different scenarios allow the use of the same topology for experiments with
different groupings of user created packets.
5. Click New to create a new scenario. New scenarios will initially be blank.
6. Add two packets using the Simple PDU tool, a PDU from the PC to the Server and a different PDU from the Server to the PC. Then add an
“i” note describing the scenario, to complete Scenario 1. An example is shown below:
7. Several scenarios can be saved with a single network. Alternate between Scenario 0 and 1.
9. Scenario 1 is now visible. Go to the last column in the User Created Packet Window and double-click (delete) to remove a PDU.
10. Delete the whole scenario. Notice that the scenario list went back to the default Scenario 0.
Congratulations on being able to send and organize simple test messages in Realtime Mode.
IV. Establishing a Web Server Connection Using the PC’s Web Browser (View Tutorial)
3. Select the Desktop tab, and then click Web Browser. Type in www.firstlab.com as the URL and click the Go button. The Packet Tracer
welcome page, shown below, appears, indicating that the web connection has been successfully established.
4. Clear the URL, type www and click Go. Since the address entered is not complete, a “Host Name Unresolved” message appears.
5. Type 192.168.0.105 as the URL entry and click on Go. Notice that the Packet Tracer welcome page appears again. This is because the Server
IP address can also be used to establish a web connection.
6. Close the window and try the same steps in Simulation Mode. In this mode, the user controls time, so the network can be viewed running at a
slower pace, allowing observation of the paths packets take and inspection of packets in detail (packet tracing!).
7. Select the PC again and go to the Web Browser in the Desktop tab. Type www.firstlab.com as the URL again and click Go. The welcome page
should not appear right away.
8. Switch to the main interface of Packet Tracer without closing the PC configuration window. Notice that a DNS packet is added to the event
list.
9. Click Auto Capture/Play or repeatedly click the Capture/Forward button until the HTTP packet appears on the PC. Go back to the PC
configuration window. The Packet Tracer welcome page is now shown.
3. Delete the PDU by using the method learned in the previous section.
5. Click Edit Filters and click All/None to uncheck all fields. Then click ICMP to only view ICMP packets in the animation.
6. Add a simple PDU from the PC to the Server. Notice that the newly created PDU is added to the User Created PDU List. This packet has been
captured as the first event in the event list and a new packet icon (envelope) appears in the workspace. The eye icon to the left of the event list
indicates that this packet is currently displayed.
7. Click the Capture/Forward button once. This simulates a network sniffing program, capturing the next event that occurs on the network. Note
that after clicking Capture/Forward, the packet in the workspace moves from one device to another (this is the ICMP echo request message
from the PC to the Server). Another event is added in the event list – this reflects the change in the workspace. The first time through an
animation, the meaning of the Capture/Forward is capture; after resetting the simulation, the meaning is forward.
8. Adjust the speed of the animation by dragging the Play Speed slider to the right making it go faster. Dragging the speed slider in the opposite
direction (to the left) will slow down the animation.
9. Click the Capture/Forward button a second time. This captures the next network event (this is the echo reply from the Server to the PC, shown
as successful with a green check mark on the envelope).
10. Click Capture/Forward button again. The Server has already sent an echo reply to the PC therefore, there are no more ICMP events left to
capture.
Congratulations on successfully capturing events and viewing animations in Simulation Mode.
1. Continuing from the last activity, click Reset Simulation. This clears the entries in the event list except for the original packet.
2. Select the packet envelope on the workspace to show the PDU Information window like the one shown in the screenshot below. This window
contains the OSI Model tab, which shows how the packet is processed at each layer of the OSI model by the current device. Close this
window, noting that this packet is indicated in the event list by the eye icon. The whole row in the event list is also highlighted. Clicking on
the color square in the Info column is equivalent to clicking directly on the packet envelope (try it!).
3. Use the Next Layer and Previous Layer buttons to see details of the packet processing at the relevant OSI layers. Note that only the Out
Layers can be viewed in the case of this original echo request message.
4. Click on the Outbound PDU Details tab. This tab shows exactly what makes up the PDU headers. It is organized into header type and the
individual fields in each header.
6. Click on the packet in the workspace again to open the PDU Information window. Notice that this time, information regarding both the In
Layers and Out Layers can be viewed.
7. Click on the Inbound PDU Details tab. This shows the details of the inbound echo request packet from the PC to the Server. The Outbound
PDU Details tab, shows similar information, but for the echo reply packet from the Server to the PC.
8. Click on Reset Simulation again. Now click on Auto Capture/Play. The echo request and echo reply are automatically captured. Click on the
Back Button to rewind the animation one step at a time. Now click on the Capture/Forward button to forward the packet through the
animation. Note the change in the event list and the workspace. Remember that at any time, a PDU Information Window can be opened by
clicking directly on the envelope on the workspace, or by clicking the Info column in the Event List.
9. Click on the Back Button twice to rewind the animation. Now click Auto Capture/Play and the packet animation will automatically occur.
Congratulations on being able to manipulate the Play Controls and PDU Information Window to understand more about packet processing details.
VII. Viewing Device Tables and Resetting the Network (View Tutorial)
2. Open the ARP Tables for both devices by clicking them with the Inspect tool. The ARP tables always appear on the same spot. Reposition
them to make them both visible. You can also resize the tables for better viewing.
3. In Realtime Mode, send a simple PDU from the PC to the Server. Notice that the ARP tables are filled in automatically, as shown here:
4. Delete the PDU using the method covered in the previous sections. Notice that the entries in the ARP tables are NOT cleared. ARP entries for
both devices have already been learned. Deleting the user created PDUs does not reset events what has already occurred in the network.
5. Click Power Cycle Devices. ARP tables are cleared because the Power Cycle Devices button turns the devices off and back on again
therefore, losing temporary information like the ARP table entries.
6. Go to Simulation Mode. In the event list filters, make sure that ICMP and ARP are checked so that you can view ICMP and ARP packets in
the animation.
8. Notice that since the devices were power cycled earlier, the ARP tables are empty. ARP request packets need to be issued before the ICMP
ping packets, so that the devices in the network can learn about each other. Click on Auto Capture/Play to watch the animation.
9. Click Reset Simulation. Notice that even though the event list is cleared (except for the user created PDU), the ARP tables remain full. Click
Auto Capture/Play. This time, since the ARP tables are full, there are no new ARP packets issued.
10. Click Power Cycle Devices. Doing so will empty the tables. Notice that new ARP request packets appear automatically in the event list.
Congratulations! You can now view device tables, reset a simulation, and reset the network.
Single-clicking on the Delete button removes the entire scenario including all the PDUs associated with it.
Double-clicking on (delete) in the far right column in the PDU List window deletes individual PDUs.
The Reset Simulation button clears all entries in the Event List, except for User Created PDUs, and allows the animation to restart. This,
however, does not reset the device tables.
The Power Cycle Devices button turns all of the devices in the network off and on so the tables that the devices built are lost along with
configurations and other information not saved.
Saving work periodically prevents lost configurations and state changes in the network.
Congratulations on being ready to build and analyze many different networks in Packet Tracer! Be aware that there are many other features that were
not covered in this lab. To learn more, please view the other available tutorials and review the help files. Have Fun!
Tutorials
The following tutorials demonstrate the basic functions, features, and aspects of Packet Tracer. Although you can view them at any time, they are
most effective when you have read the appropriate section or pages corresponding to each tutorial.
Tutorial Description
Getting Started
Interface Overview Shows how to start using the program.
Options Shows how to customize Packet Tracer using the Options menu.
Managing Windows
Organizing Interface Explains how to organize windows in the Packet Tracer Interface.
Part I Shows how to manage multiple windows when Packet Tracer is launched locally.
Part II Shows how to manage multiple windows when Packet Tracer is launched from a course.
Getting Started
Interface Overview Shows how to start using the program.
Options Shows how to customize Packet Tracer using the Options menu.
Logical Workspace
Creating a Network Topology Demonstrates how to create, arrange, delete, and connect devices.
Custom Device Templates Demonstrates how to create and remove custom device templates.
Clustering a Network Topology Demonstrates how to create, arrange, uncluster, delete, and connect clusters.
Editing and Annotating a Network Demonstrates how to edit and annotate a network topology.
Topology
Configuring Devices
Configuring Devices Using the Config Demonstrates how to configure devices using the Config tab.
tab
Configuring Devices Using the Desktop Demonstrates how to configure devices using the Desktop tab.
tab
Configuring Devices Using the CLI tab Demonstrates how to configure devices using the CLI tab.
Realtime and Simulation Modes
Simulation Environment Introduces an overview of the simulation environment.
Simulation Panel Demonstrates in detail of every feature in the Simulation Panel including the Event List,
Play Controls, and Event List Filters.
Advanced Features in Simulation Mode Introduces more advanced features in Simulation Mode to users.
PDU Information Explains the information displayed in a PDU and how to use Challenge mode in a PDU.
Physical Workspace
Navigating Physical Workspace Introduces a brief description of the interface of Physical Workspace and how to navigate
Physical Workspace.
Modifying Physical Workspace Explains how to modify Physical Workspace by creating new objects, removing existing
objects, and moving objects from one location to another location in Physical Workspace.
Structured Cabling Demonstrates how to create realistic structured cabling in the Physical Workspace.
Interaction between the Logical Demonstrates how the Logical Workspace and the Physical Workspace interact.
Workspace and the Physical Workspace
Activity Wizard Novice
Launch and Exit Activity Wizard Demonstrates how to launch and exit Activity Wizard.
Write Instructions Demonstrates how to write instructions for an activity.
Answer Network Reviews features related to the answer network.
Initial Network Reviews features related to the initial network.
Test Activity and Check Activity Explains how to use the Test Activity and Check Activity features to create a reliable
activity.
Set Password, Save and Distribute the Demonstrates how to set a password, how to save and distribute an activity.
Newly Created Activity File
Activity Wizard - Scoring Model
Overview Gives an overview of the Scoring Model interface in the Activity Wizard.
Expressions Goes over basics of expressions.
End to End Example Shows an end to end example of an activity using scoring models.
Activity Wizard - Variable Manager
Introduction Introduces the Variable Manager of the Activity Wizard.
Creating Pools Explains and demonstrates how to create a pool in the Variable Manager.
Creating Variables Explains and demonstrates how to create a variable in the Variable Manager.
Using Variables in the Instructions Demonstrates how to apply variables to the Instructions.
Using Variables in Network Topology Demonstrates how to apply variables to the Network Topology.
Using Variables in Assessment Tree Demonstrates how to apply variables to the Assessment Tree.
Using Variables in Connectivity Tests Demonstrates how to apply variables to the Connectivity Tests section.
Using Variables in Overall Feedback Demonstrates how to apply variables to the Overall Feedback section.
Verifying Variable Assignments Demonstrates how to verify assigned variables.
Concatenation Demonstrates sting concatenation with variables.
Isomorphs Demonstrates isomorphic activities with variables.
Regular Expressions Demonstrates regular expressions with variables.
Activity Wizard - Misc. Features
Importing and Exporting Network Files Goes over importing an existing file as an Answer network.
External Instructions Goes over using external instructions for an activity.
Student Model Variables Goes over changing points and components in an activity.
LinksysWRT300N
Topologies Demonstrates how to use a Linksys WRT300N router in a SOHO network.
Local Loop Connections Demonstrates how to create the local loop section of a SOHO network.
Hiding ISP Demonstrates how to organize and hide an ISP network from a SOHO network.
Configuring Linksys Security Demonstrates how to secure a SOHO network.
Alternate Linksys Configuration Demonstrates how to use the Static IP configuration for a Linksys WRT300N router.
Port Forwarding Demonstrates the Port Forwarding capability for the Linksys WRT300N router.
Multiuser
Enabling Multiuser Demonstrates how to enable the Multiuser feature in Packet Tracer.
Creating Multiuser Connection Demonstrates the creation of a connection between two remote peers.
Enabling Port Visibility Demonstrates the usage of the Port Visibility feature.
Beyond Two PT Instances Demonstrates how to chain three Packet Tracer instances together.
Offline Saving Demonstrates how to use the Offline Saving feature.
WAN Cloud Configuration
Frame Relay Demonstrates how to create a Frame Relay network using the WAN cloud.
DSL and Cable Demonstrates how to create DSL and Cable on the WAN cloud.
Dial Up Demonstrates how to create a Dial-Up network using the WAN cloud.
IPC
Installing Applications Gives an overview of preparing external applications (ExApps) to be used in Packet Tracer.
Configure Applications Window Demonstrates how to use the Configure Apps Window of the IPC feature.
IPC Menu Demonstrates how to use items listed under the IPC menu.
The Logical and Physical Workspaces
Packet Tracer uses two representation schemes for your network: the Logical Workspace and the Physical Workspace. The Logical Workspace allows
you to build a logical network topology, without regard to its physical scale and arrangement. The Physical Workspace allows you to arrange devices
physically in cities, buildings, and wiring closets. Distances and other physical measures will affect network performance and other characteristics if
wireless connections are used. In Packet Tracer, you first build your logical network, and then you can arrange it in the Physical Workspace. Most of
your time will be spend working in the Logical Workspace.
The Logical Workspace
The Logical Workspace is where you will spend the majority of your time building and configuring your network. In conjunction with Realtime
Mode, you can use this workspace to complete many of the labs you encounter in your CCNA coursework.
First, you will want to create devices. This is done by choosing devices from the Network Component box. Then, you can do any of the following:
Add modules to your devices to install additional interfaces. Note that you must turn off a device (by clicking its power button) before you
can add a module.
Connect your devices by choosing the appropriate cables (also found in the Network Component box).
Configure device parameters (such as the device name and IP address) through graphical dialogue boxes or the Cisco IOS (in the case of
routers and switches).
Make advanced configurations and view network information from the CLI interface on a router or switch.
Creating Devices
To place a device onto the workspace, first choose a device type from the Device-Type Selection box. Then, click on the desired device model from
the Device-Specific Selection box. Finally, click on a location in the workspace to put your device in that location. If you want to cancel your
selection, click the Cancel icon for that device. Alternatively, you can click and drag a device from the Device-Specific Selection box onto the
workspace. You can also click and drag a device directly from the Device-Type Selection box and a default device model will be chosen for you.
To quickly create many instances of the same device, press and hold the Ctrl button,
click on the device in the Device-Specific Selection box, and then release the Ctrl
button. The device is now locked and you can click on the workspace multiple times to
add multiple copies of the device. Cancel this operation by pressing the Cancel icon for
that device. To duplicate devices, you can press and hold the Ctrl button and then drag a
device on the workspace or select the devices and then use the Copy and Paste buttons.
Adding Modules
Most Packet Tracer devices have modular bays or slots into which you can insert modules. In the workspace, click on a device to bring up its
configuration window. By default, you will be in the Physical Device View sub-panel of the device. An interactive picture of the device is on the
right of the panel, and a list of compatible modules is on the left. You can resize the picture with the Zoom In, Original Size, and Zoom Out buttons.
You can also resize the entire configuration window by dragging its borders with the mouse. Alternatively, you can undock the window so that you
can move it around and freely resize it. You can browse (by clicking) through the list of modules and read their description in the information box at
the bottom. When you have found the module you want to add, simply drag it from the list into a compatible bay on the device picture. You can
remove a module by dragging it from the device back into the list.
You must turn off a device (by clicking its power button) before you can add or remove
modules, and you should turn the device back on after you are done.
Tool Use
Copy Copy the selected items.
Paste Paste the selected items.
Undo Undo the previous action.
Redo Redo the previous action.
Zoom In Zoom in the workspace.
Zoom Reset Reset the zoom back to default.
Zoom Out Zoom in the workspace.
Drawing Palette Create lines, rectangles, and ellipses.
Custom Devices Dialog Refer to the "Creating Custom Devices" section above for information.
New Cluster Refer to the "Clustering Devices" section below for information.
Move Object Refer to the "Clustering Devices" section below for information.
Set Tiled Background Refer to the "Custom Icons & BGs " section for information.
Viewport View a scaled version of the workspace.
Select Click objects and drag them around. This is the default tool. You can also select multiple objects by holding down the
mouse button and then dragging your cursor over them. This action draws a rectangle around the objects so you can drag
all of them simultaneously. Press the Esc key on the keyboard for quick access to this tool.
Move Layout Move your entire workspace around with the click-and-drag mouse action.
Place Note Write and place sticky notes anywhere on the workspace.
Delete Delete objects from the workspace. When you select the Delete tool, the mouse cursor will change into an "X." You can
then click on any object (a device, connection, or note) that you wish to delete.
Inspect Look at tables of a device (such as ARP and MAC tables) that have been modeled in this version of Packet Tracer.
Resize Shape Resize shapes that are drawn with the Drawing Palette. When you select the Resize Shape tool, a red square will appear
on shapes on the workspace. Drag the red square to either increase or decrease the shape.
Add Simple PDU Refer to the "Simulation Mode" help section for information.
Add Complex PDU Refer to the "Simulation Mode" help section for information.
Configuring Devices
To make most of the devices useful, you need to configure some basic settings (for example, an interface IP address and subnet mask). You can set
basic parameters through the GUI configuration screen of the device (click the Config tab from the configuration window). Different devices have
different settings available. Refer to each help page of the device for detailed information.
Clustering Devices
Clustering devices allows you to simplify the appearance of the Logical Workspace by visually reducing a group of devices and connections into a
single image. By default, all devices are created on the Logical Workspace are located in the Root level, which is indicated on the Logical/Physical
Workspace Bar. You may reduce the amount of clutter on the workspace by clustering multiple devices together with the New Cluster feature. To
cluster a group of devices, select the devices on the workspace and then click on the New Cluster button. You can then click on the newly created
cluster to go inside its lower level (i.e., Cluster0 by default) and create sub-clusters within the main cluster as well. You may also rename the cluster
by clicking on its label to enable the label textbox. You can navigate between levels by clicking on the appropriate level on the Navigation Bar. Note
that only up to four levels of clustering hierarchy are available with the Logical Workspace (including Root level). To uncluster a group of devices,
highlight the cluster and then delete it with the Delete tool.
Once you create a cluster, you can make connections to devices in a cluster. To make a connection to devices in a cluster, you first select the
connection type and then the cluster. A menu showing the devices in the cluster appears, allowing you to select a device. When you select the device,
a menu showing the available interfaces appears. Select the interface and a connection is made if the selected connection type and interface are
compatible.
Also, when you can create a cluster, you can move objects and devices within the cluster hierarchy with the Move Object button. To do so, click on
the Move Object button and then select an object or device. This opens a menu showing the cluster hierarchy. You can then select the location to
which the object should be moved.
Managing Workspace Clutter (Docking/Undocking Sub-windows)
There may be times when you need multiple windows open on your screen (especially when you start running simulations and have to keep track of
many things at once). To minimize the visual clutter, you can arrange popup and sub-windows in various ways. Many windows can be docked to or
undocked (floated) from the workspace. You can drag floating windows (via their title bar) and dock them to the left, right, or bottom edge of the
workspace. Simply drag a window by its title bar until your cursor is near an edge and then release the mouse button. The window will dock to that
edge. To undock a window, drag the window by its docked title bar and move it out of the workspace edge to anywhere on your screen.
In a docked position, the title bar of a window is unnamed; the window may be at
the top or left border. Use the Close button (x) on the window as a hint to where the
title bar is.
You can double click the title bar of a window to quickly toggle between the
docked or undocked state.
If there is already another window at an edge, you can dock a second window
next to that first window.
If you do not want a window to dock anywhere as you drag it around, press and
hold the Ctrl key as you drag it.
The Logical Workspace: Customizing Icons and Backgrounds (BG)
Select the image you want by clicking on it or use the browse button to navigate to a new directory and select the image.
Click on the Set Tiled Background button on the Logical Workspace Bar.
Click on the Cluster Icon tab in the Select Background Image dialog.
Select the image from the list provided or click the browse button to navigate to the directory where the graphic is located.
The new icon image is used in place of the default on the Logical Workspace. To change the image back to the default, follow these steps.
Click on the Set Tiled Background button on the Logical Workspace Bar.
Click on the Cluster Icon tab in the Select Background Image dialog.
Click on the Set Tiled Background button on the Logical Workspace Bar.
Select the image from the list provided or click the browse button to navigate to the directory where the graphic is located.
If you wish to tile the graphic, click on Display Tiled Background Image.
Click on the Set Tiled Background button on the Logical Workspace Bar.
To save custom icons and backgrounds with either a PKT or PKA file, the creator of the
file must use the Save As Pkz selection from the File menu. This process is covered in
detail in the Interface Overview section.
The Physical Workspace
The purpose of the Physical Workspace is to give a physical dimension to your logical network topology. It gives you a sense of scale and placement
(how your network might look in a real environment).
The Physical Workspace is divided into four layers to reflect the physical scale of four environments: Intercity, City, Building, and Wiring Closet.
The intercity is the largest environment. It can contain many cities. Each city can contain many buildings. Finally, each building can contain many
wiring closets. The wiring closet provides a view that is different from the other three views. This is where you actually see the devices that were
created in the Logical Workspace; positioned in networking racks and on tables. The three other layers provide thumbnail views of their layouts as
the next level icons. This is the default arrangement in the Physical Workspace, but the devices in the wiring closet can be moved to any of the layers.
When the devices are moved to another layer, they revert to the icons used in Logical Workspace, although those can be customized (covered under
Customization) to any graphic you would like to use.
When you first enter the Physical Workspace, the default is the Intercity view (or "map").
By default, the intercity contains one city object called "Home City." You can click and drag the City icon to move it around in the intercity map. You
can also simply click on the City icon to change focus to the map of that city.
The Home City also contains one default building object called "Corporate Office." This building, like the Home City object in Intercity view, can be
moved anywhere around the city. Click on the Building icon to change focus to the interior selected building. All buildings are limited to one floor.
From the City view, you can also return to the Intercity environment by clicking on the Back button twice in the Physical Workspace Bar.
The Corporate Office contains one default wiring closet called "Main Wiring Closet." Click its icon to view its contents. You can also return to any of
the previous environments (Intercity or City) by clicking the Back button in the Physical Workspace Bar.
The "Main Wiring Closet" initially houses all the devices that were created in the Logical Workspace. It neatly arranges those devices onto racks and
tables so you can see where your devices physically are. The wiring closet view also shows the connected ports and the link light status of the devices
in the wiring closet. If the device is clicked, its configuration window pops up just as it does in Logical Workspace. Learn how to move these devices
around in the building or even the city in the "Moving Devices" section.
New cities (and buildings and closets) always initially appear on the top left corner of
the workspace. To avoid confusion, you should immediately rename and move them.
The Physical Workspace: Moving Devices
The Physical Workspace allows you to move your devices to various locations. To do this click on the Move Object button on the Physical
Workspace Bar, then click on the device to be moved. When the device is clicked, an expandable pop-up box will appear that shows a hierarchical
layout of the physical workspace. Just click on the level that you want the selected device to be moved. When you move a device to a new level, it
always initially appears in the top left corner of the workspace. In addition to moving devices with the Move Object button, you can also move
cities, buildings and wiring closets. The procedure is the same.
If you move multiple devices before moving them out of the upper left corner, they are stacked on top of each other in the same physical location.
Clicking will select the top device on the stack, dragging around the group will select all the devices and allows them all to be moved simultaneously.
A second more efficient way to quickly move multiple devices is to use the Navigation button on the Physical Workspace Bar. Clicking on the
Navigation button reveals an expanded tree view of the arrangement of all levels and devices in the Physical Workspace.
To move a device to a new location using the Navigation button, highlight the device and drag it to the new location in the tree. When that level is in
focus, the device(s) will be located in the upper left corner of that level. This is with the exception of the wiring closet view where the devices will
appear in a rack or on a table. There is no way to change the order of equipment in the rack or on the tables.
There are few restrictions on where you can move objects and devices. In general, something bigger (a city) cannot be moved inside something
smaller (a building); otherwise, all moves are possible. You can move buildings to other cities or directly onto the intercity. Wiring closets can be
placed directly onto cities or the intercity view. Devices are not confined by racks or tables and can go anywhere. However, you should maintain their
hierarchy to avoid confusion.
In this example, the default "Home City" is renamed to "San Jose," and a new city called "Irvine" is created. Inside San Jose is a building called
"Cisco," which has a wiring closet called "MDF." Similarly, Irvine has a building called "Linksys," which has a wiring closet called "IDF." Initially,
all devices are located in the MDF, including two routers named "Router0" and "Router1," which are connected via a serial link.
If, for example, you want to move Router0 into the IDF, you would first need to go into the MDF. Inside the MDF, click the Move Object button.
Click on Router0, and then go through the hierarchy to find the IDF and select Move to IDF.
If you back out to Intercity view, you will see a black line between Irvine and San Jose. The line tells you that there is a connection between the
devices of these cities. In this case, the line represents the serial connection between Router0 and Router1.
You can quickly return to the default wiring closet in any environment by pressing the
Working Closet button on the far right of the Physical Workspace Bar.
The Physical Workspace: Distance Measurements
The Physical Workspace provides the dimension of distance to Ethernet and wireless devices. This distance parameter is one of the factors that
determine if a device is able to connect or not connect to another device.
Access points can establish connections with wireless end devices that are within a certain distance range. This range is indicated by a gray mesh area
surrounding the access point. Note that this mesh area appears as a circle or an oval depending on the dimensions of the background image used. If
the background source image is square, the mesh is circular. If the background image is a rectangle, the mesh is oval, scaled by the width and height
of the source image.
In this example, three wireless-enabled PCs and two access points are created. They have all been moved from the default wiring closet and placed
directly onto the "streets" of the city (for demonstration purposes). Note the following:
PC0 is within the wireless range of Access Point0, so it associates with Access Point0.
PC1 is within the wireless range of both Access Point0 and AccessPoint1. However, because it is closer to Access Point1, it associates with
Access Point1.
Select the image you want by clicking on it or use the browse button to navigate to a new directory and select the image.
In the city where you want to apply the background, click on the Set Background button on the Physical Workspace Bar.
Select the image from the list provided or click the browse button to navigate to the directory where the graphic is located.
In the city where you want to reset the background, click on the Set Background button on the Physical Workspace Bar.
Click on the Reset button.
There is also a scaling option available in the Set Background dialog box. This option specifies the distance scale for Packet Tracer in meters per
pixel. This scale directly determines the length of cables and broadcast ranges of wireless access points in both logical and physical modes. The
defaults are set to:
Note that the dimensions of your background images affect the scale and appearance of certain objects.
To create a graphic for a background the recommended sizes, in pixels are:
To save custom icons and backgrounds with either a PKT or PKA file, the creator of the
file must use the Save As Pkz selection from the File menu. This process is covered in
detail in the Interface Overview section.
The Physical Workspace: Cable Manipulation
In Physical Workspace, cables can be manipulated to provide a more realistic representation of a physical layout. Cables can be bent and grouped to
allow for organization and easier manipulation. Since cables can be grouped, they now also can be color coded to allow the user to identify specific
cables as they enter or leave the group. Individual cables can be ungrouped from cable GroupPoints as well as cable groups and BendPoints may also
be deleted from cables without deleting the cables.
Cables actually can’t be directly deleted in Physical mode, you must return to Logical
mode to delete a cable.
As many BendPoints as needed can be placed on a cable allowing a pseudo structured cabling look to the physical mode. Adding BendPoints and
moving them also changes the length of the cable. The Cable Length is expressed as the distance between to points on the cable and the Total Cable
Length is the distance between the two end devices on the cable.
Workaround: Sometimes it appears that you have accurately clicked on a cable and no
Window appears. This is due to graphics representation of the cable. All that is necessary
to do is move the device that the cable is connected to and try again or move to another
spot on the cable. Once a BendPoint is created, it can be moved along the cable to where
you want it located.
Navigation Panel
You can click on the Navigation button from the Physical Workspace Bar to bring up the navigation panel of the entire Physical Workspace. The
navigation panel contains a physical locations tree that allows you to select a location and then jump to that particular location on the Physical
Workspace. The Navigation panel also allows you to move devices from one place to another in physical mode. This is covered in the Moving
Devices section.
Applying a Grid
You can click on the Grid button from the Physical Workspace Bar to apply a customizable grid to the Intercity, City, and Building levels. The Grid
tool allows you to set the grid spacing for each level and the ability to choose the color of the grid lines. The grid size is in meters and grid size is
affected by the by the Set Background image scaling factor.
Deleting Objects
You can use the Delete tool from the Common Tools Bar to delete cities, buildings, and wiring closets. Devices, however, cannot be deleted in the
Physical Workspace. If you delete a wiring closet from the Building environment, the devices in that closet will be extracted and placed directly onto
the building "floor." If you delete that building from the City environment, the devices will be placed onto the city "streets."
Resizing Objects
Just as in the Logical Workspace, you can use the Resize Shape tool from the Common Tools Bar to resize cities, buildings, wiring closets, devices,
and shapes created drawn with the Drawing Palette.
Operating Modes
In Realtime Mode, your network is always running (like a real network) whether you are working on the network or not. Your configurations are
done in real time, and the network responds in near real time. When you view network statistics, they are displayed in real time, as shown in the
Realtime toolbar. In addition to using the Cisco IOS to configure and diagnose networks, you can use the Add Simple PDU and User Created PDU
List buttons to graphically send pings.
Inspecting Devices
As the network is running, you can use the Inspect tool to view tables of the device as they are populated and updated. For example, to inspect the
ARP table of a router, choose the Inspect tool, click on the router to bring up the list of available tables, and then choose ARP Table.
In addition to the Inspect tool, you can simply mouse-over a device to view details such as the link status, IP address, and MAC address of all the
ports on a device. Note that the mouse-over feature does NOT show the state of the tables maintained by a device, like a switch, but rather a
convenient summary display of port-related information. For example, when you mouse-over a switch, you will see a list of ports and MAC
addresses: this is not the switch MAC address table (CAM table, switching table) but rather a list of the MAC addresses of the switch built-in
Ethernet interface hardware addresses.
Sending PDUs graphically
Although Simulation Mode is the preferred mode for sending PDUs graphically, you can use the Add Simple PDU and User Created PDU List
buttons to ping or send other PDUs (see the "Simulation Mode" section for details). The drawback is that you will not see PDU icons traveling slowly
through the network; the entire ping sequence happens in real time. However, you can view the result of the ping from the User Created Packet
Window.
If you reset the network, you will lose the current running configuration on all routers
and switches. Before you click the Power Cycle Devices button, be sure to issue the
copy running-config startup-config Cisco IOS command sequence on all routers and
switches to retain the current network configuration after the reset.
In Simulation Mode, you can watch your network run at a slower pace, observing the paths that packets take and inspecting them in detail.
When you switch to Simulation Mode, the Simulation Panel will appear. You can graphically create PDUs to send between devices using the Add
Simple PDU button and then pressing the Auto Capture / Play button to start the simulation scenario. The Event List window records (or
"captures") what happens as your PDU propagates through the network. You can control the speed of the simulation by using the Play Speed Slider.
Pressing the Auto Capture / Play toggle button again will pause the simulation. If you need greater control of the simulation, use Capture /
Forward button to manually run the simulation forward one step in time. You can use the Back button to revisit a previous timeframe and view the
events that occurred then.
When your instance of Packet Tracer is connected to a Multiuser remote peer, you will
not be able to switch to Simulation Mode. When you attempt to switch to Simulation
Mode, you will be prompted to save an offline copy that is to be opened in a new
instance of Packet Tracer. Clicking Yes will cause Packet Tracer to use the current offline
saving settings to create an offline save and open it in a new Packet Tracer instance
immediately. From there, you will be able to use Simulation Mode to examine packets in
detail.
You can clear and restart the scenario with the Reset Simulation button, which clears all entries in the Event List.
Note that while a simulation is playing, you may see packets that you did not create yourself. That is because some devices can generate their own
packets (such as EIGRP packets) as the network runs. You may also see a QoS Stamp on packets as well, which is described in detail in the "QoS
Stamp" section below. You can see what types of packets are being propagated in the network by looking at the Type field in the Event List. You can
choose to hide these packets from view by clicking on the Edit Filters button and unchecking the appropriate filter from the menu that appears. To
show all types of packets, simply click on the Show All button to re-enable them all. You can also create your own ACL Filter by clicking on the
Edit ACL Filters button in the Edit Filters menu. In the ACL Filters dialog, you can create a New ACL Filter, Delete an ACL Filter, and Submit
extended ACL statements to an ACL Filter.
You can also hide the Event List (and the entire Simulation Panel) with the Event List button in the Simulation Bar. You will still have access to the
Play Controls on the bar.
The Event List and Time Flow of Events
Packet Tracer simulations do not run on a linear time scale. Time is determined by the events that occur. An event can be defined as any instance of a
PDU that is generated in the network. The Event List keeps track of all such PDU instances and lists their information in various fields:
Visible: An "eye" icon in the field means that an event is happening at the current simulation time. Whatever packets that are currently visible
in the scenario animation will have this icon in the field.
Time: This field indicates the time (in seconds) at which the event occurred, relative to the last time the simulation scenario restarted. This
field is also the simulation time index.
Last Device: This field indicates the previous location of the packet.
Type: This field indicates the packet type (ACL Filter, ARP, BGP, CDP, DHCP, DNS, DTP, EIGRP, FTP, H.323, HTTP, HTTPS, ICMP,
ICMPv6, IPSec, ISAKMP, LACP, NTP, OSPF, PAgP, POP3, RADIUS, RIP, RTP, SCCP, SMTP, SNMP, SSH, STP, SYSLOG, TACACS, TCP,
TFTP, Telnet, UDP, and VTP).
Info: This field shows detailed information about the packet instance, broken up into each layer of the OSI model. Learn more about this field
in the "PDU info" page.
You can rearrange each of these fields in the Event List by dragging the title of a field to
the desired position.
Some events occur very frequently, happening every few milliseconds. Some events occur very infrequently, happening every minute or so. On the
workspace, network events appear to happen one after another at the same speed (set by the slider), when actually they may be separated by
milliseconds or by minutes. You can keep track of event timing by looking at the Time field in the Event List. Time only advances when there are
events to be captured. If the network has no further events, time will essentially halt (until the next event occurs). The Auto Capture Indicator will
tell you where the Event List stopped recording. You can enforce a constant delay of 1 ms between events by using the Constant Delay option. If this
option is off, various factors will contribute to the overall delay of the event: transmission delay, propagation delay, and a randomly injected process
delay.
If you filter out some type of PDUs on the Event List Filters, they will not show up on
the Event List. They are still in the network; you just do not see them. The simulation
runs more quickly because you will not see the filtered events, but all filtered PDUs still
affect the network.
Restarting a Scenario
Whenever a simulation restarts, the simulation time resets to 0.000 and the Event List is cleared. You will restart the simulation if you do any of the
following:
Click the Reset Simulation button.
Modify the network in some way, such as deleting a device, adding a device, and changing the configuration on a device.
Enter any command in the global configuration mode of a device (in the CLI).
Switch to another scenario (see the "Managing Simulation Scenarios" section below).
Remove a PDU from the Protocol Data Units List (see the "Managing Simulation Scenarios" page).
Restarting a simulation does not erase current or scheduled PDU processes; it simply
pauses the simulation and removes the visual clutter of events currently displayed on the
Event List. The only way to remove PDU processes is from the User Created Packet
Window (discussed on the "Managing Simulation Scenarios" page).
QoS Stamps
QoS Stamps are visual indicators that the ToS/DiffServ (ToS = Type of Service, DiffServ = Differentiated Services) field has been set in the IP
header. Usually this field is 0, but a value other than 0 will cause a color to appear. It does not indicate that it will be processed in any special way or
that anything in particular will happen to it. It is just a marker that says "this field is different."
Qos Stamps are useful in that it is one way a QoS algorithm will tag packets as they pass through the interface for processing into queues on the other
end. Setting the ToS/DiffServ field on the packet means that the router can check that value later when looking to put packets into certain priority
queues. Marking the packets at the edge means that the core routers can treat them however they need to without guessing at the intended priority
level. The reason it is referred to as a ToS/DiffServ field is that the field was originally called the TOS field which contained IP precedence bits. That
was obsolete by the DiffServ field, which uses a DSCP (Differentiated Services Code Point). This is the 6 most significant bits in that field. The other
two bits serve other purposes for congestion notifications. So, the proper name for those 6 bits is the "Differentiated Services Code Point," but they
can also be modified by precedence or things that set the Type of Service. So, all still apply.
Packet Tracer will only display QoS Stamps in Simulation Mode and when the ToS/Diffserv field has been set. This field can be set by using the
Traffic Generator utility on an end device, the ping command on an end device, extended ping on a router, or the set commands for class-maps
inside a policy-map. When using the ping command or Traffic Generator, this value sets the entire ToS field in the header. The ToS/DiffServ Color
Table, which is shown below, only goes up to 64 values because the two least significant bits are reserved and not used to show the colors. Because
of this, it is necessary to bit-shift your value two places to the left. The easiest way to do this is to multiply your given ToS value twice. So, if you
have the value 1, 1 * 2 = 2, 2 * 2 = 4. Or, for the value 5, 5 * 2 = 10, 10 * 2 = 20.
To read the ToS/DiffServ Color Table, look at the column labeled S0-D2. The values range from 0-63. When the number is 0, the color is empty (no
QoS Stamp). The other colors presented there are what will show up when the ToS field takes on that value. Remember, if you use ping or the Traffic
Generator utility, you have to multiply that number by two (e.g., to see the first ping color you need to multiply 8 * 2 = 16, 16 * 2 = 32. So, set the
value 32 into the ToS field).
TOS/DiffServ Bits
S0 S1 S2 D0 D1 D2 ECT CE S0-D2 Meaning Red Green Blue Color Hex
0 0 0 0 0 0 0 0 0 Default Precedence 255 255 255 0xFFFFFF
0 0 0 0 0 1 0 0 1 Local Use 40 40 40 0x282828
0 0 0 0 1 0 0 0 2 Local Use 45 45 45 0x2D2D2D
0 0 0 0 1 1 0 0 3 Local Use 50 50 50 0x323232
0 0 0 1 0 0 0 0 4 Local Use 55 55 55 0x373737
0 0 0 1 0 1 0 0 5 Local Use 60 60 60 0x3C3C3C
0 0 0 1 1 0 0 0 6 Local Use 65 65 65 0x414141
0 0 0 1 1 1 0 0 7 Local Use 70 70 70 0x464646
0 0 1 0 0 0 0 0 8 Priority Precedence 255 0 255 0xFF00FF
0 0 1 0 0 1 0 0 9 Local Use 75 75 75 0x4B4B4B
0 0 1 0 1 0 0 0 10 AF11 (Class 1 - Low Drop) 255 200 200 0xFFC8C8
0 0 1 0 1 1 0 0 11 Local Use 80 80 80 0x505050
0 0 1 1 0 0 0 0 12 AF12 (Class 1 - Med Drop) 255 110 110 0xFF6E6E
0 0 1 1 0 1 0 0 13 Local Use 85 85 85 0x555555
0 0 1 1 1 0 0 0 14 AF13 (Class 1 - High Drop) 255 0 0 0xFF0000
0 0 1 1 1 1 0 0 15 Local Use 90 90 90 0x5A5A5A
0 1 0 0 0 0 0 0 16 Immediate Precedence 128 255 255 0x80FFFF
0 1 0 0 0 1 0 0 17 Local Use 95 95 95 0x5F5F5F
0 1 0 0 1 0 0 0 18 AF21 (Class 2 - Low Drop) 200 255 200 0xC8FFC8
0 1 0 0 1 1 0 0 19 Local Use 100 100 100 0x646464
0 1 0 1 0 0 0 0 20 AF22 (Class 2 - Med Drop) 150 255 150 0x96FF96
0 1 0 1 0 1 0 0 21 Local Use 105 105 105 0x696969
0 1 0 1 1 0 0 0 22 AF23 (Class 2 - High Drop) 0 255 0 0x00FF00
0 1 0 1 1 1 0 0 23 Local Use 110 110 110 0x6E6E6E
0 1 1 0 0 0 0 0 24 Flash Precedence 128 0 0 0x800000
0 1 1 0 0 1 0 0 25 Local Use 115 115 115 0x737373
0 1 1 0 1 0 0 0 26 AF31 (Class 3 - Low Drop) 190 190 255 0xBEBEFF
0 1 1 0 1 1 0 0 27 Local Use 120 120 120 0x787878
0 1 1 1 0 0 0 0 28 AF32 (Class 3 - Med Drop) 110 110 255 0x6E6EFF
0 1 1 1 0 1 0 0 29 Local Use 125 125 125 0x7D7D7D
0 1 1 1 1 0 0 0 30 AF33 (Class 3 - High Drop) 0 0 255 0x0000FF
0 1 1 1 1 1 0 0 31 Local Use 130 130 130 0x828282
1 0 0 0 0 0 0 0 32 Flash Override Precedence 0 128 0 0x008000
1 0 0 0 0 1 0 0 33 Local Use 135 135 135 0x878787
1 0 0 0 1 0 0 0 34 AF41 (Class 4 - Low Drop) 255 255 200 0xFFFFC8
1 0 0 0 1 1 0 0 35 Local Use 140 140 140 0x8C8C8C
1 0 0 1 0 0 0 0 36 AF42 (Class 4 - Med Drop) 255 255 150 0xFFFF96
1 0 0 1 0 1 0 0 37 Local Use 145 145 145 0x919191
1 0 0 1 1 0 0 0 38 AF43 (Class 4 - High Drop) 255 255 0 0xFFFF00
1 0 0 1 1 1 0 0 39 Local Use 150 150 150 0x969696
1 0 1 0 0 0 0 0 40 CRITIC/ECP Precedence 0 0 128 0x000080
1 0 1 0 0 1 0 0 41 Local Use 155 155 155 0x9B9B9B
1 0 1 0 1 0 0 0 42 Local Use 160 160 160 0xA0A0A0
1 0 1 0 1 1 0 0 43 Local Use 165 165 165 0xA5A5A5
1 0 1 1 0 0 0 0 44 Local Use 170 170 170 0xAAAAAA
1 0 1 1 0 1 0 0 45 Local Use 175 175 175 0xAFAFAF
1 0 1 1 1 0 0 0 46 Expedited Forwarding 128 0 128 0x800080
1 0 1 1 1 1 0 0 47 Local Use 180 180 180 0xB4B4B4
1 1 0 0 0 0 0 0 48 Internetwork Control Precedence 128 128 0 0x808000
1 1 0 0 0 1 0 0 49 Local Use 185 185 185 0xB9B9B9
1 1 0 0 1 0 0 0 50 Local Use 185 185 185 0xB9B9B9
1 1 0 0 1 1 0 0 51 Local Use 190 190 190 0xBEBEBE
1 1 0 1 0 0 0 0 52 Local Use 195 195 195 0xC3C3C3
1 1 0 1 0 1 0 0 53 Local Use 200 200 200 0xC8C8C8
1 1 0 1 1 0 0 0 54 Local Use 205 205 205 0xCDCDCD
1 1 0 1 1 1 0 0 55 Local Use 210 210 210 0xD2D2D2
1 1 1 0 0 0 0 0 56 Network Control Precedence 0 128 128 0x008080
1 1 1 0 0 1 0 0 57 Local Use 215 215 215 0xD7D7D7
1 1 1 0 1 0 0 0 58 Local Use 220 220 220 0xDCDCDC
1 1 1 0 1 1 0 0 59 Local Use 225 225 225 0xE1E1E1
1 1 1 1 0 0 0 0 60 Local Use 230 230 230 0xE6E6E6
1 1 1 1 0 1 0 0 61 Local Use 235 235 235 0xEBEBEB
1 1 1 1 1 0 0 0 62 Local Use 240 240 240 0xF0F0F0
1 1 1 1 1 1 0 0 63 Local Use 245 245 245 0xF5F5F5
To find out what type of QoS Stamp is shown in Simulation Mode, look at the second screenshot above as an example. You can see that there is a
QoS Stamp on the EIGRP packet that is at QoS_Router. Click on the EIGRP packet where the QoS Stamp appears to open the EIGRP packet's PDU
information. Next, click on the Outbound PDU Details tab to reveal the headers in the EIGRP packet (refer to the "PDU Information" page for more
details). The field that determines the QoS Stamp's type is the DSCP field. In this EIGRP packet, the DSCP value is 0xe0, which is a hexadecimal
value. This hexadecimal value needs to be converted into decimal, which is 224. However, 224 is not in S0-D2 column in the ToS/DiffServ color
table. This is because the value has been bit-shifted two places to the left. As a result, it is necessary to unshift the value in order to use the
ToS/DiffServ Color Table. To do this, take the DSCP value and divide it twice. In this example, since the value is 224, 224 / 2 = 112, 112 / 2 = 56. For
the value of 56, the S0-D2 column in the ToS/DiffServ Color Table indicates that this QoS Stamp is a Network Control Precedence type.
By default, Packet Tracer shows QoS Stamps in Simulation Mode. To prevent QoS
Stamps from appearing, go to Preferences and uncheck Show QoS Stamps on Packets.
Simulation Mode: PDU Information
During a simulation, you can click on a packet (on the topology or the corresponding event in the Event List) to bring up its information window and
view its details. The details window contains three possible tabs: OSI Model, Inbound PDU Details, and Outbound PDU Details.
The OSI Model tab shows how the packet is processed at each layer of the OSI model by the current device. The process is further separated by the
direction in which the packets are traveling, incoming versus outgoing. The incoming layers (In Layer) show how the device processes an incoming
or a buffered packet, and the outgoing layers (Out Layer) show the process a device goes through when it sends a packet to one or multiple ports.
The In Layer is meant to be read starting from bottom to top (from Layer 1 to Layer 7),
while the Out Layer is read from top to bottom (from Layer 7 to Layer 1). This is
because the physical layer is the first layer at which incoming PDUs are processed, and
it is the last layer at which outgoing PDUs are processed when they exit the device.
The Inbound PDU Details tab only applies if the PDU you clicked on is being received on the device; it will not appear if the PDU originated from
that device. The tab shows exactly what is in the headers of the PDU, broken up into header type and the individual fields in each header. For
example, a PDU may have an Ethernet II and an ARP header, so the tab will show information such as the preamble, FCS, and source and destination
addresses.
The Outbound PDU Details tab shows similar information for outgoing packets. This tab only applies if the device has a PDU to send.
Most of the time, a device will receive a PDU and then, as a result, send out a PDU. In this case, both the Inbound PDU Details and the Outbound
PDU Details tabs apply.
Challenge Mode
You can quiz yourself on the encapsulation process by entering Challenge Mode when viewing PDU information. Click the Challenge Me button to
do so. The layer details are hidden, and the information window is replaced by a question window that asks you what the device does to a PDU at a
given layer. Select from a multiple-choice list. If you answer correctly, the details for that layer are shown and the question window advances to the
next layer. You can click the Hint button if you need help.
Each Challenge Question may contain the following answers:
Encapsulate: Adds a header or a header and trailer to the PDU on this layer to create the PDU at the next lower layer.
De-encapsulate: Removes a header or a header and trailer from the PDU on this layer to create the PDU at the next higher layer.
Transfer: Moves the PDU from the inbound OSI stack to the outbound OSI stack.
In Packet Tracer, you can set up and simulate complex networking situations (scenarios) through the User Created Packet Window (UCPW) found
on the lower right corner of the application. A scenario is a set of PDUs that you have placed in the network to be sent at specific times. When you
first switch to Simulation Mode, the default scenario is "Scenario 0." You can edit the name of the scenario, and you can write a description for the
scenario by clicking the Scenario Description icon next to its name. You can create and delete scenarios with the New and Delete buttons, and you
can switch between scenarios by choosing from the scenario drop-down menu. Multiple scenarios can be created for one logical topology,
corresponding to different test conditions you may want to model. Note the contrast between the UCPW (packets you create) and the event list (all
packets occurring anywhere on the network that you chose to display, whether or not they were originated by you or by protocols running on the
network devices).
The Protocol Data Units List is an important part of the UCPW that tracks all of the PDUs you created for the current scenario. You can put the
Protocol Data Units List in its own window on the workspace by pressing the Toggle PDU List Window button. Click the button again to integrate
it back into the UCPW.
Each PDU in the PDU list has the following fields:
Fire: You can double click on this field to "send" the PDU immediately in realtime mode or queue for transmission in simulation mode.
Last Status: This field indicates the last known status of the PDU (Successful, Fail, or In Progress).
Source: This field shows the name of the device from which the PDU originated.
Destination: This field shows the name of the device that the PDU is ultimately trying to reach.
Color: This field shows PDU color as it appears in the animation. (See the tip box below for information about changing the PDU color.)
Time: This field displays the simulation time (or timeframe) at which the PDU is scheduled to be sent.
Periodic: This field indicates whether the PDU is to be sent periodically (Y) or not (N).
Edit: You can double click this button to edit the PDU properties. (See the next page, "Custom PDUs", for more details.)
Delete: You can double click this button to remove the PDU from the list. (It will no longer be part of the scenario.)
User-created PDUs are initially assigned a random color in the animation. You can
double click the colored "tile" of a PDU in the Protocol Data Units List to bring up the
Color Selector of the PDU and then change the color.
You can rearrange the placement of each of the fields in the Protocol Data Units List by
dragging the title of a field to the desired position.
Note that user-created PDUs are not "cleared" from the Protocol Data Units List when the simulation restarts (such as by pressing the Reset
Simulation button). Restarting the scenario simply clears all PDUs currently propagating in the network and resets the simulation time. The PDUs on
the Protocol Data Units List will propagate the network at their specified times when you run the scenario again. To remove a PDU you created,
select it on the Protocol Data Units List and double click its Delete button.
Simulation Mode: Complex PDUs
In addition to simple, quick pings, you can also send customized PDUs. In the Common Tools Bar, click the Add Complex PDU icon, and then
click your source device to bring up the Create Complex PDU dialogue. You can choose which port that the PDU will be sent out (or leave it at the
default). You can also change the type of the PDU by selecting from the list of applications. Depending on the application and device, the PDU may
have the following settings: Destination IP Address, Source IP Address, TTL (Time-To-Live), TOS (Type of Service), Source Port, Destination
Port, Sequence Number, and Size.
Packet Tracer supports custom PDUs with source and destination ports corresponding to
the following application layer protocols:
DNS, Finger, FTP, HTTP, HTTPS, IMAP, NetBIOS, Ping, POP3, SFTP, SMTP,
SNMP, SSH, Telnet, TFTP, Other
You can also set the timing parameters of the PDU. The PDU can be a One Shot event; it is to be sent at a time you specify (in seconds).
Alternatively, the PDU can be a Periodic event; it will be sent periodically at intervals you specify (also in seconds).
Simulation Mode: Special Notes
Editing the Network and Using the Cisco IOS in Simulation Mode
Although Realtime Mode is the preferred mode for network configuration, you can also edit the network directly in Simulation Mode. You have full
access to the Common Tools Bar and the Network Component Box. You also retain access to the Cisco IOS (or in the case of the PC, the command
prompt). When you work with the IOS in Simulation Mode, the network responds to most of your command sequences in realtime. For example,
when you issue the shutdown command on a port, that port will go down immediately. Any command that does not involve the propagation of PDUs
in the network will have a realtime response. Command sequences that do cause or affect the propagation of PDUs will require the user to click the
Auto Capture / Play or Capture / Forward button in order to see the results. For example, after you issue the ping command sequence from the
IOS on a router, the appropriate PDU animation icons will appear on the workspace (as if you had used the Add Simple PDU button), but you would
need to click the Auto Capture / Play or Capture / Forward button to watch the PDUs propagate. The IOS status messages or indicators will
synchronize with the events of the simulation and play speed, appearing to be very slow. Note that packets created by IOS commands do not appear
on the User Created PDU List.
Connections / Links
Packet Tracer supports a wide range of network connections. Each cable type can only be connected to certain interface types.
Wireless Links
You can establish wireless links between access points and end devices (PCs, servers, and printers). To establish a link, simply remove the existing
module on an end device, insert a wireless module, and turn on the device. The device will automatically try to associate itself with an access point.
Typically, this means it will associate (physically) with the nearest access point. See the Wireless Devices page under the Physical Workspace section
for more information regarding distances. However, if two or more access points are in the same closet, the distance from any access point to any end
device is essentially the same. In this case, an end device will associate with the access point that was created first. Recall that the logical topology
does not reflect physical distances, and everything that is created in the Logical Workspace is initially placed in the same wiring closet in the Physical
Workspace. The process for establishing wireless links between Linksys routers and end devices with Linksys network modules is similar, but
described elsewhere.
Link Status
When you connect two devices, you will typically see link lights on both ends of the connection. Some connections do not have link lights.
Packet Tracer supports a wide array of modules for networking devices. To change a module in any device, you must first turn off the power for that
device. There is a power switch available on the Physical page of any device that can change modules. If the module slot is filled you must drag the
existing module out of the device and over to the modules list and then release it. If you are not in the correct place the module will return to the slot.
After removing the original module select and drag the new module from the list of modules to directly over the open slot. When the module appears
in the open slot, turn the power back on. Note, when you turn off switches or routers and then turn them back on, they will load their startup
configuration files. If you do not save the running configuration, it will be lost.
When the network contains routers or switches, develop a habit of saving their running
configurations to the startup configuration before you press their power buttons (or the
Power Cycle Devices button).
All images on this page are thumbnails on which you can click to bring up a larger
image.
Router: 1841
The Cisco 1841 Integrated Services Router provides two fixed 10/100 (100BASE-TX) Ethernet ports, two integrated High-Speed WAN Interface
Card (HWIC) slots that are compatible with WAN Interface Card (WICs) and Voice/WAN Interface Cards (VWICs), and one internal Advanced
Integration Module (AIM) slot.
HWIC-8A The HWIC-8A provides up to eight asynchronous EIA-232 connections to console ports.
HWIC-AP-AG-B The HWIC-AP-AG-B module is a High-Speed WAN Interface Card providing integrated Access Point
functionality in the Cisco 1800 (Modular), Cisco 2800, and Cisco 3800 Integrated Services Routers. It
supports Single Band 802.11b/g or Dual Band 802.11a/b/g radios.
WIC-1AM The WIC-1AM card features dual RJ-11 connectors, which are used for basic telephone service
connections. The WIC-1AM uses one port for connection to a standard telephone line, and the other
port can be connected to a basic analog telephone for use when the modem is idle.
WIC-1ENET The WIC-1ENET is a single-port 10 Mbps Ethernet interface card, for use with 10BASE-T Ethernet
LANs.
WIC-1T The WIC-1T provides a single port serial connection to remote sites or legacy serial network devices
such as Synchronous Data Link Control (SDLC) concentrators, alarm systems, and packet over
SONET (POS) devices.
WIC-2AM The WIC-2AM card features dual RJ-11 connectors, which are used for basic telephone service
connections. The WIC-2AM has two modem ports to allow multiple data communication connections.
WIC-2T The 2-port asynchronous/synchronous serial network module provides flexible multi-protocol support,
with each port individually configurable in synchronous or asynchronous mode, offering mixed media
dial support in a single chassis. Applications for asynchronous/synchronous support include: low
speed WAN aggregation (up to 128 Kbps), dial-up modem support, Async or Sync connections to
management ports of other equipment, and transport of legacy protocols such as Bi-sync and SDLC.
WIC-Cover The WIC cover plate provides protection for the internal electronic components. It also helps maintain
adequate cooling by normalizing airflow.
Router: 1941
The Cisco 1941 Integrated Services Router (ISR) provides 2 integrated 10/100/1000 Ethernet ports, 2 WAN Interface Card (WIC) slots and 1 Internal
Services Module slot.
HWIC-8A The HWIC-8A provides up to eight asynchronous EIA-232 connections to console ports.
WIC-Cover The WIC cover plate provides protection for the internal electronic components. It also helps maintain
adequate cooling by normalizing airflow.
Router: 2620XM
The Cisco 2620XM Multiservice Router provides a one-network module slot platform with one fixed 10/100 (100BASE-TX) Ethernet port, two
integrated WAN Interface Card (WIC) slots, and one Advanced Integration Module (AIM) slot.
Router: 2621XM
The Cisco 2621XM Multiservice Router provides a one-network module slot platform with two fixed 10/100 (100BASE-TX) Ethernet ports, two
integrated WAN Interface Card (WIC) slots, and one Advanced Integration Module (AIM) slot.
The 2621XM supports the same modules that the 2620XM supports.
Router: 2811
The Cisco 2811 Integrated Services Router provides one Enhanced Network-Module slot with two fixed 10/100 (100BASE-TX) Ethernet ports, four
integrated High-Speed WAN Interface Card (HWIC) slots that are compatible with WAN Interface Card (WICs), Voice Interface Cards (VICs) and
Voice/WAN Interface Cards (VWICs), and dual Advanced Integration Module (AIM) slots.
HWIC-2T The HWIC-2T is a Cisco 2-Port Serial High-Speed WAN Interface Card, providing 2 serial ports.
HWIC-AP-AG-B The HWIC-AP-AG-B module is a High-Speed WAN Interface Card providing integrated Access Point
functionality in the Cisco 1800 (Modular), Cisco 2800, and Cisco 3800 Integrated Services Routers. It
supports Single Band 802.11b/g or Dual Band 802.11a/b/g radios.
WIC-1AM The WIC-1AM card features dual RJ-11 connectors, which are used for basic telephone service
connections. The WIC-1AM uses one port for connection to a standard telephone line, and the other
port can be connected to a basic analog telephone for use when the modem is idle.
WIC-1ENET The WIC-1ENET is a single-port 10 Mbps Ethernet interface card, for use with 10BASE-T Ethernet
LANs.
WIC-1T The WIC-1T provides a single port serial connection to remote sites or legacy serial network devices
such as Synchronous Data Link Control (SDLC) concentrators, alarm systems, and packet over
SONET (POS) devices.
WIC-2AM The WIC-2AM card features dual RJ-11 connectors, which are used for basic telephone service
connections. The WIC-2AM has two modem ports to allow multiple data communication connections.
WIC-2T The 2-port asynchronous/synchronous serial network module provides flexible multi-protocol support,
with each port individually configurable in synchronous or asynchronous mode, offering mixed media
dial support in a single chassis. Applications for asynchronous/synchronous support include: low
speed WAN aggregation (up to 128 Kbps), dial-up modem support, Async or Sync connections to
management ports of other equipment, and transport of legacy protocols such as Bi-sync and SDLC.
WIC-Cover The WIC cover plate provides protection for the internal electronic components. It also helps maintain
adequate cooling by normalizing airflow.
Router: 2901
The Cisco 2901 Integrated Services Router (ISR) provides 2 integrated 10/100/1000 Ethernet ports, 4 enhanced high-speed WAN interface card
(WIC) slots, 2 onboard digital signal processor (DSP) slots and 1 onboard Internal Service Module for application services.
HWIC-8A The HWIC-8A provides up to eight asynchronous EIA-232 connections to console ports.
WIC-Cover The WIC cover plate provides protection for the internal electronic components. It also helps maintain
adequate cooling by normalizing airflow.
Router: 2911
The Cisco 2901 Integrated Services Router (ISR) provides 2 integrated 10/100/1000 Ethernet ports, 4 enhanced high-speed WAN interface card
(WIC) slots, 2 onboard digital signal processor (DSP) slots and 1 onboard Internal Service Module for application services.
HWIC-8A The HWIC-8A provides up to eight asynchronous EIA-232 connections to console ports.
WIC-Cover The WIC cover plate provides protection for the internal electronic components. It also helps maintain
adequate cooling by normalizing airflow.
Router: Router-PT
The Router-PT generic router provides ten slots, one console port, and one auxiliary port.
PT-ROUTER-NM-1CFE The PT-ROUTER-NM-1CFE Module provides one Fast-Ethernet interface for use with
copper media. Ideal for a wide range of LAN applications, the Fast Ethernet network modules
support many internetworking features and standards. Single port network modules offer
autosensing 10/100BaseTX or 100BaseFX Ethernet. The TX (copper) version supports virtual
LAN (VLAN) deployment.
PT-ROUTER-NM-1CGE The single-port Cisco Gigabit Ethernet Network Module (part number PT-ROUTER-NM-
1CGE) provides Gigabit Ethernet copper connectivity for access routers. The module is
supported by the Cisco 2691, Cisco 3660, Cisco 3725, and Cisco 3745 series routers. This
network module has one gigabit interface converter (GBIC) slot to carry any standard copper
or optical Cisco GBIC.
PT-ROUTER-NM-1FFE The PT-ROUTER-NM-1FFE Module provides one Fast-Ethernet interface for use with fiber
media. Ideal for a wide range of LAN applications, the Fast Ethernet network modules
support many internetworking features and standards. Single port network modules offer
autosensing 10/100BaseTX or 100BaseFX Ethernet.
PT-ROUTER-NM-1FGE The single-port Cisco Gigabit Ethernet Network Module (part number PT-ROUTER-NM-
1FGE) provides Gigabit Ethernet copper connectivity for access routers. The module is
supported by the Cisco 2691, Cisco 3660, Cisco 3725, and Cisco 3745 series routers. This
network module has one gigabit interface converter (GBIC) slot to carry any standard copper
or optical Cisco GBIC.
PT-ROUTER-NM-1S The PT-ROUTER-NM-1S provides a single port serial connection to remote sites or legacy
serial network devices such as Synchronous Data Link Control (SDLC) concentrators, alarm
systems, and packet over SONET (POS) devices.
PT-ROUTER-NM-1SS The 2-port asynchronous/synchronous serial network module provides flexible multi-protocol
support, with each port individually configurable in synchronous or asynchronous mode,
offering mixed media dial support in a single chassis. Applications for
asynchronous/synchronous support include: low speed WAN aggregation (up to 128 Kbps),
dial-up modem support, Async or Sync connections to management ports of other equipment,
and transport of legacy protocols such as Bi-sync and SDLC.
All images on this page are thumbnails on which you can click to bring up a larger
image.
Switch: 2950-24
The Cisco Catalyst 2950-24 is a member of the Cisco Catalyst 2950 series switch family. It is a standalone, fixed-configuration, managed 10/100
switch providing user connectivity for small- to mid-sized networks.
It does not support add-in modules.
Switch: 2950T-24
The Cisco Catalyst 2950T-24 is a member of the Catalyst 2950 Series Intelligent Ethernet Switch family. It is a fixed-configuration, standalone
switch that provides wire-speed Fast Ethernet and Gigabit Ethernet connectivity for mid-sized networks.
It does not support add-in modules.
Switch: 2960-24TT
The Cisco Catalyst 2960-24TT is a member of the Catalyst 2960 Series Intelligent Ethernet Switch family. It is a fixed-configuration, standalone
switch that provides wire-speed Fast Ethernet and Gigabit Ethernet connectivity for mid-sized networks.
It does not support add-in modules.
Switch: Switch-PT
The Switch-PT generic switch provides ten slots, one console port, and one auxiliary port.
PT-SWITCH-NM-1CE The PT-SWITCH-NM-1CE features a single Ethernet port that can connect a LAN backbone
which can also support either six PRI connections to aggregate ISDN lines, or 24
synchronous/asynchronous ports.
PT-SWITCH-NM-1CFE The PT-SWITCH-NM-1CFE Module provides one Fast-Ethernet interface for use with copper
media. Ideal for a wide range of LAN applications, the Fast Ethernet network modules support
many internetworking features and standards. Single port network modules offer autosensing
10/100BaseTX or 100BaseFX Ethernet. The TX (copper) version supports virtual LAN
(VLAN) deployment.
PT-SWITCH-NM-1CGE The single-port Cisco Gigabit Ethernet Network Module (part number PT-SWITCH-NM-
1CGE) provides Gigabit Ethernet copper connectivity for access routers. The module is
supported by the Cisco 2691, Cisco 3660, Cisco 3725, and Cisco 3745 series routers. This
network module has one gigabit interface converter (GBIC) slot to carry any standard copper
or optical Cisco GBIC.
PT-SWITCH-NM-1FFE The PT-SWITCH-NM-1FFE Module provides one Fast-Ethernet interface for use with fiber
media. Ideal for a wide range of LAN applications, the Fast Ethernet network modules support
many internetworking features and standards. Single port network modules offer autosensing
10/100BaseTX or 100BaseFX Ethernet.
PT-SWITCH-NM-1FGE The single-port Cisco Gigabit Ethernet Network Module (part number PT-SWITCH-NM-
1FGE) provides Gigabit Ethernet optical connectivity for access routers. The module is
supported by the Cisco 2691, Cisco 3660, Cisco 3725, and Cisco 3745 series routers. This
network module has one gigabit interface converter (GBIC) slot to carry any standard copper
or optical Cisco GBIC.
Switch: 3560-24PS
The Cisco Catalyst 3560-24PS is a member of the Catalyst 3560 Series Intelligent Ethernet Switch family. It is a fixed-configuration, standalone
switch that provides wire-speed Fast Ethernet and Gigabit Ethernet connectivity for mid-sized networks.
It does not support add-in modules.
Bridge-PT
This bridge provides two slots.
The bridge supports the same modules that the Switch-PT supports.
All images on this page are thumbnails in which you can click to bring up a larger
image.
PC-PT
The PC-PT provides a console port and one slot.
PC-CAMERA The camera allows the computer to capture images and movies.
PC-USB-HARD-DRIVE The USB hard drive adds extra external storage to the computer.
Laptop-PT
PC-USB-HARD-DRIVE The USB hard drive adds extra external storage to the computer.
Server-PT
Printer-PT
7960
The 7960 IP Phone only provides a port for the power adapter.
Home-VoIP-PT
Analog-Phone-PT
TV-PT
The TV-PT does not support modules.
TabletPC-PT
The TabletPC-PT does not support modules. However, it has a built-in Wireless interface.
PDA-PT
The PDA-PT does not support modules. However, it has a built-in Wireless interface.
WirelessEndDevice-PT
The WirelessEndDevice-PT does not support modules. However, it has a built-in Wireless interface.
WiredDevice-PT
The WiredDevice-PT does not support modules. However, it has a built-in FastEthernet interface.
All images on this page are thumbnails on which you can click to bring up a larger
image.
Hub-PT
The Hub-PT provides ten slots.
Repeater-PT
AccessPoint-PT
AccessPoint-PT-A
AccessPoint-PT-N
The Linksys-WRT300N wireless router has a built-in antenna and provides four fixed 10/100 (100BASE-TX) Ethernet ports and one fixed Internet
port (also 100BASE-TX, typically for connection to cable and DSL modems).
The Linksys-WRT300N wireless router does not support modules.
Cloud-PT
Although a cloud is not a single device, Packet Tracer gives you access to a representation of a cloud. It provides ten slots, a console port, and an
auxiliary port.
DSL-Modem-PT
Cable-Modem-PT
ASA 5505
As with real networks, the networks you make in Packet Tracer must be properly configured before they "work." For simple devices, this may just
mean entering some fields (such as an IP address and subnet mask) or selecting options in a graphical configuration panel (accessed by the Config
tab). Routers and switches, on the other hand, are advanced devices that can be configured with much more sophistication. Some of their settings can
be configured in the Config tab, but most advanced configurations will need to be done through the Cisco IOS. This section explains the Config tab
for all devices. You will also find the complete listing of supported IOS commands for routers and switches in this section.
The Config tab offers four general levels of configuration: global, routing, switching (Cisco 1841 and Cisco 2811 only), and interface. To perform a
global configuration, click the GLOBAL button to expand the Settings button (if it has not already been expanded). To configure routing, click the
ROUTING button, and then choose Static or RIP. To configure switching, click the SWITCHING button to expand the VLAN Database button. To
configure an interface, click the INTERFACE button to expand the list of interfaces, and then choose the interface. Note that the Config tab
provides an alternative to the Cisco IOS CLI only for some simple, common features; to access the full set of router commands that have been
modeled you must use the Cisco IOS CLI.
Throughout your configurations in the Config tab, the lower window will display the equivalent Cisco IOS commands for all your actions.
Global Settings
In global settings, you can change the display name of the router as it appears on the workspace and the hostname as it appears in the Cisco IOS. You
can also manipulate the router configurations files in these various ways:
Load an existing configuration file (in .txt format) into the startup configuration.
Packet Tracer uses a simplified model of the Cisco IOS. Click on the CLI tab in the router configuration window to access the Cisco IOS command
line interface for the router. Use the Copy and Paste buttons to copy and paste text to and from the command line. This page lists the Cisco IOS
command tree for Packet Tracer routers. For Cisco 1841 and 2811 routers with switching capabilities, refer to the "Switch IOS" page for additional
commands. The tree contains only Cisco IOS command chains that are supported in Packet Tracer.
User Mode
<1-99>
connect [ WORD ]
disable
disconnect <1-16>
exit
logout
show
o arp
o cdp
entry
* [ protocol | version ]
interface
Serial <0-9>/<0-24>
neighbors [ detail ]
o class-map [ WORD ]
o clock
o controllers
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
Serial <0-9>/<0-24>
o dot11 interface
o flash:
o frame-relay
lmi
map
pvc
<16-1022>
o history
o hosts
o interfaces
Dot11Radio <0-9>/<0-24>
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Serial <0-9> <0-24> <0-4294967295>
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
switchport
trunk
o ip
arp
dhcp binding
eigrp
interfaces [ <1-65535> ]
neighbors [ <1-65535> ]
topology
[ <1-65535> ]
[ A.B.C.D A.B.C.D ]
[ A.B.C.D ][ A.B.C.D ]
all-links
traffic [ <1-65535> ]
interface
Dot11Radio <0-9>/<0-24>/<0-24>
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
brief
nbar port-map
nat translations
ospf
<1-65535>
<0-4294967295>
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
detail
virtual-links
A.B.C.D
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
detail
virtual-links
border-routers
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
detail
virtual-links
border-routers
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
detail
virtual-links
protocols
rip database
ssh
o ipv6
access-list [ WORD ]
eigrp
interfaces <1-65535>
neighbors <1-65535>
topology
<1-65535>
X:X:X:X::X/<0-128>
X:X:X:X::X/<0-128>
all-links
traffic <1-65535>
general-prefix
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
Tunnel <0-2147483647>
brief
neighbors
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
Vlan <1-1005>
ospf
<1-65535>
<0-4294967295>
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Serial <0-9>/<0-24>[.][<0-4294967295>][detail]
detail
A.B.C.D
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Loopback <0-2147483647>[detail]
Serial <0-9>/<0-24>[.][<0-4294967295>][detail]
detail
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Serial <0-9>/<0-24>[.][<0-4294967295>][detail]
detail
border-routers
database
interface
Ethernet<0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Serial <0-9>/<0-24>[.][<0-4294967295>][detail]
detail
protocols
rip database
route ospf
o policy-map [ WORD | interface [ Ethernet <0-9> <0-24> <0-4294967295> | FastEthernet <0-9> <0-24> <0-4294967295> |
GigabitEthernet <0-9> <0-24> <0-4294967295> | Serial <0-9> <0-24> | Serial <0-9> <0-24> <0-4294967295> ]
o privilege
o protocols
o queue
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o queueing
o sessions
o ssh
o tcp [brief]
o terminal
o users
o version
o vtp
counters
status
ssh
o -v 1 -l WORD WORD
o -v 2 -l WORD WORD
telnet [ WORD ][<0-65535>]
traceroute WORD
Enable Mode
<1-99>
auto secure
clear
o arp-cache
o cdp table
o ip
bgp *
nat translation *
ospf process
dhcp binding
nat translation *
neighbors
o mac-address-table [ dynamic ]
o vtp counters
configure [ terminal ]
connect [ WORD ]
copy
o flash:
ftp:
running-config
startup-config
tftp:
o ftp:
flash:
running-config
startup-config
o running-config
flash:
ftp
startup-config
tftp:
o startup-config
flash:
ftp
running-config
tftp:
o tftp:
flash:
running-config
startup-config
debug
o aaa authenticateion
o custom-queue
o eigrp
fsm
packets
o ephone register
o frame-relay lmi
o ip
icmp
inspect
detailed
events
function-trace
object-creation
object-deletion
protocol [ http | icmp | tcp | udp ]
timers
nat
ospf
adj
events
packet
rip [ events ]
routing
o ipv6
inspect
detailed
events
function-trace
icmp
object-creation
object-deletion
tcp
timers
udp
ospf
adj
events
o ntp packets
delete
o WORD
o flash:
disable
disconnect <1-16>
erase startup-config
exit
logout
more file
no
o debug
all
aaa authenticateion
custom-queue
eigrp
fsm
packets
ephone register
frame-relay lmi
ip
icmp
inspect
detailed
events
function-trace
object-creation
object-deletion
timers
nat
ospf
adj
events
packet
rip [ events ]
routing
ipv6
inspect
detailed
events
function-trace
icmp
object-creation
object-deletion
tcp
timers
udp
ospf
adj
events
ntp packets
ping [ WORD ]
o [ Protocol ] [ Target IP address ] [ Repeat count ] [ Datagram size ] [ Timeout in seconds ] [ Extended commands ] [ Sweep
range of sizes ]
reload
setup
show
o aaa
sessions
o arp
o cdp
entry
* [ protocol | version ]
interfaces
neighbors [ detail ]
o class-map [ WORD ]
o clock
o controllers
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
Serial <0-9>/<0-24>
o crypto
isakmp [ policy | sa ]
ipsec [ sa | transform-set ]
map
o debugging
o dhcp lease
o dot11 interface
o ephone [attempted-registrations]
o file systems
o flash:
o frame-relay
lmi
map
pvc
<16-1022>
o history
o hosts
o interfaces
dot11Radio <0-9>/<0-24>/<0-24>
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
switchport
trunk
o ip
arp
dhcp binding
eigrp
interfaces [ <1-65535> ]
neighbors [ <1-65535> ]
traffic [ <1-65535> ]
inspect
all
config
interfaces
name WORD
sessions [ detail ]
statistics
interface
dot11Radio <0-9>/<0-24>/<0-24>
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
brief
ips
all
configuration
signatures
count
nbar port-map
ospf
<1-65535>
<0-4294967295>
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor [ detail ]
virtual-links
A.B.C.D
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor [ detail ]
virtual-links
border-routers
database
interface
Serial <0-9>/<0-24>
neighbor [ detail ]
virtual-links
border-routers
database
interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor [ detail ]
virtual-links
protocols
rip database
ssh
o ipv6
access-list [ WORD ]
eigrp
interfaces <1-65535>
neighbors <1-65535>
topology
<1-65535>
X:X:X:X::X/<0-128>
X:X:X:X::X/<0-128>
all-links
traffic <1-65535>
general-prefix
inspect
all
config
interfaces
name [ WORD ]
sessions [ detail ]
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
Tunnel <0-2147483647>
brief
nat
statistics
translations
neighbors
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>[detail]
Serial <0-9>/<0-24>[.][<0-4294967295>]
ospf
<1-65535>
<0-4294967295>
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Loopback <0-2147483647>[detail]
detail
A.B.C.D
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet<0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Loopback <0-2147483647>[detail]
Serial <0-9>/<0-24>[.][<0-4294967295>][detail]
detail
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>][detail]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>][detail]
Loopback <0-2147483647>[detail]
Serial <0-9>/<0-24>[.][<0-4294967295>][detail]
detail
protocols
rip database
route [ ospf ]
o line
o logging
o login [ failures ]
o mac-address-table [ static ]
o ntp status
o parser view
o policy-map
WORD
interface
Serial <0-9>/<0-24>
o privilege
o processes
o protocols
o queue
Serial <0-9>/<0-24>
o running-config
o secure [ bootset ]
o sessions
o snmp
o spanning-tree
active
detail
interface
FastEthernet <0-9>/<0-24>[portfast]
Gigabit <0-9>/<0-24>[portfast]
Port-channel <1-6>
Vlan <1-4094>[portfast]
summary totals
vlan <1-1005>
o ssh
o standby
FastEthernet <0-2>/<0-1>[brief]
brief
o startup-config
o storm-control broadcast
o tcp [ brief ]
o tech-support
o terminal
o users
o version
o vtp
counters
status
ssh
o -v 1 -l WORD WORD
o -v 2 -l WORD WORD
terminal history size <0-256>
telnet [ WORD ]
traceroute [ WORD ]
o [ Protocol ] [ Target IP address ] [ Source address ] [ Numeric display ] [ Timeout in seconds ] [ Probe count ] [ Minimum
Time to Live ] [ Maximum Time to Live ]
undebug
o all
o aaa authenticateion
o custom-queue
o eigrp
fsm
packets
o ip
icmp
inspect
detailed
events
function-trace
object-creation
object-deletion
timers
nat
ospf
adj
events
packet
rip [ events ]
routing
vlan database
Global Mode
aaa
o authenticateion
enable default
enable
local
none
enable
local
enable
enable
if-authenticateed
new-model
access-list (named ACL is under the "ip access-list" branch in Global Mode)
o <1-99>
remark LINE
o <100-199>
[ deny | permit ][ ahp | eigrp | esp | gre | ospf ][ A.B.C.D A.B.C.D | any | host A.B.C.D ][ A.B.C.D A.B.C.D | any | host
A.B.C.D ]
[ deny | permit ] [ icmp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
<0-256>
echo
echo-reply
host-unreachable
net-unreachable
port-unreachable
protocol-unreachable
ttl-exceeded
unreachable
[ deny | permit ] [ ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
dscp [ <0-63> | af11 |af12 |af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 |cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash=override | immediate | internet | network | priority | routine ]
[ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535> | range <0-65535> <0-65535> ]
remark LINE
banner
o motd LINE
o login LINE
config-register WORD
crypto
o ipsec
esp-md5-hmac
esp-sha-hmac
o isakmp
enable
key WORD address A.B.C.D [ A.B.C.D ]
policy <1-10000>
o map WORD
do LINE
enable
o password
7 WORD
LINE
level <1-15>
7 WORD
LINE
o secret
[ 0 | 5 ] LINE
level <1-15>
[ 0 | 5 ] LINE
end
exit
hostname WORD
interface
o Dot11Radio <0-9>/<0-24>/<0-24>
o Loopback <0-2147483647>
o Tunnel <0-2147483647>
o Virtual-Template <1-200>
o Vlan <1-1005>
o range
Loopback <0-2147483647>
Vlan <1-1005>
ip
o access-list
extended
<100-199>
WORD
standard
<1-99>
WORD
o default-network A.B.C.D
o dhcp
pool WORD
o domain-lookup
o domain-name WORD
o helper-address A.B.C.D
o inspect
alert-off
audit-trail
dns-timeout <1-2147483>
alert [ off | on ]
audit-trail [ off | on ]
timeout <5-43200>
o ips
config location [ WORD [ retries <1-5>] ]
fail closed
notify log
signature-category
signature-definition
o nat
inside source
list [ <1-199> | WORD ] interface [ Ethernet | FastEthernet | GigabitEthernet | Serial ] <0-9>/<0-24>[ . ][ <0-
4294967295> ] [ overload ]
static
A.B.C.D A.B.C.D
outside source
list [ <1-199> | WORD ] pool WORD
static
A.B.C.D A.B.C.D
A.B.C.D [ <1-255> ]
o ssh
time-out <1-120>
version <1-2>
ipv6
o access-list WORD
o host WORD
o inspect
alert-off
audit-trail
alert [ off | on ]
audit-trail [ off | on ]
timeout <5-43200>
finwait-time <1-2147483>
idle-time <1-2147483>
synwait-time <1-2147483>
o nat
prefix X:X:X:X::X/<0-128>
v4v6
v6v4
o neighbor X:X:X:::X
Ethernet <0-9>/<0-24>[.][<0-4294967295>] H.H.H
o route X:X:X:X::X/<0-128>
X:X:X:X::X [ <1-254> ]
o router
eigrp <1-65535>
ospf <1-65535>
rip WORD
o unicast-routing
line
o <2-499> [<3-499>]
o aux <0-0>
o console <0-0>
o x/y/z
logging
o A.B.C.D
o buffered <4096-2147483647>
o console
o host A.B.C.D
o on
o trap [ debugging ]
o userinfo
login
no
o aaa
authenticateion
enable default
enable
local
none
authorization
[ exec | network ] [ WORD | default ]
if-authenticateed
local
none
new-model
o cdp run
o clock timezone
o config-register
o crypto
ipsec
transform-set WORD
isakmp
policy <1-10000>
map WORD
o enable
password
7 WORD
level <1-15>
secret
level <1-15>
o hostname
o interface
Dot11Radio <0-9>/<0-24>/<0-24>
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Tunnel <0-2147483647>
Virtual-Template <1-200>
Vlan <1-1005>
o ip
access-list
default-network A.B.C.D
dhcp
pool WORD
domain-lookup
domain-name
inspect
alert-off
audit-trail
dns-timeout <1-2147483>
ips
fail closed
notify log
signature-category
name-server
nat
inside source
static
A.B.C.D A.B.C.D
outside source
static
A.B.C.D A.B.C.D
pool WORD
route A.B.C.D A.B.C.D
<1-255>
A.B.C.D [ <1-255> ]
ssh version
authenticateion-retries
time-out
version [ 1 | 2 ]
o ipv6
access-list WORD
host WORD
inspect
alert-off
audit-trail
udp idle-time
nat
prefix X:X:X:X::X/<0-128>
v4v6
v6v4
pool WORD A.B.C.D A.B.C.D
interface
neighbor X:X:X:X::X
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
route X:X:X:X::X/<0-128>
<1-254>
X:X:X:X::X [ <1-254> ]
router
eigrp <1-65535>
ospf <1-65535>
rip WORD
unicast-routing
o logging
A.B.C.D
buffered
console
host A.B.C.D
on
trap [ debugging ]
userinfo
o login
block-for
o ntp
authenticatee
authenticateion-key <1-4294967295>
server A.B.C.D
trusted-key <1-4294967295>
update-calendar
o parser view WORD
o priority-list <1-16>
default
protocol
ip [ high | low | medium | normal ] [ list <1-199> | tcp <0-65535> | udp <0-65535> ]
queue-limit
o privilege [ configure | exec | interface | line | router ] [ all ] [ level <0-15> ] LINE
o queue-list <1-16>
default
protocol
ip <0-16>
tcp <0-65535>
udp <0-65535>
ipv6 <0-16>
queue <0-16>
o radius-server
key LINE
o router
bgp <1-65535>
eigrp <1-65535>
ospf <1-65535>
rip
o secure
boot-config
boot-image
o service
nagle
password-encryption
o spanning-tree
mode
portfast default
o tacacs-server
host A.B.C.D
key LINE
key LINE
o username WORD
o vpdn enable
o vpdn-group WORD
o authenticatee
o trusted-key <1-4294967295>
o update-calendar
priority-list <1-16>
o protocol
ip [ high | low | medium | normal ] [ list <1-199> | tcp <0-65535> | udp <0-65535> ]
privilege [ configure | exec | interface | line | router ] [ all ] [ level <0-15> | reset ] LINE
queue-list <1-16>
o default <0-16>
o protocol
ip <0-16>
tcp <0-65535>
udp <0-65535>
ipv6 <0-16>
o queue <0-16>
radius-server
o key LINE
router
o bgp <1-65535>
o eigrp <1-65535>
o ospf <1-65535>
o rip
secure [ boot-config | boot-image ]
service
o nagle
o password-encryption
o priority <0-61440>
tacacs-server
o host A.B.C.D
key LINE
o key LINE
o password
0 LINE
7 WORD
LINE
o secret
0 LINE
5 WORD
LINE
vpdn enable
vpdn-group WORD
<1-2147483647>
o deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o default
deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o exit
o no
deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o remark LINE
<1-2147483647>
o deny
[ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
[ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq<0-65535> | host A.B.C.D | gt<0-
65535> | lt <0-65535> | neq<0-65535> | range<0-65535><0-65535> ]
o permit
[ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
[ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq<0-65535> | host A.B.C.D | gt<0-
65535> | lt <0-65535> | neq<0-65535> | range<0-65535><0-65535> ]
default
o [ deny | permit ] [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535> | range <0-65535> <0-65535> ]
deny
o [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host A.B.C.D | gt <0-65535>
| lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-65535> | neq <0-65535> |
range <0-65535> <0-65535> ]
exit
no
o [ deny | permit ] [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535> | range <0-65535> <0-65535> ]
permit
o [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host A.B.C.D | gt <0-65535>
| lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-65535> | neq <0-65535> |
range <0-65535> <0-65535> ]
remark LINE
bandwidth <1-10000000>
cdp enable
custom-queue-list <1-16>
delay <1-16777215>
description LINE
exit
fair-queue [ <16-4096> ] [ <16-4096> ] [ <0-1000> ]
ip
o address
A.B.C.D A.B.C.D
dhcp
o mtu <68-1500>
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o proxy-arp
o split-horizon
o virtual-reassembly
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp<1-65535>
o enable
o hello-interval eigrp<1-65535><1-65535>
o mtu<1280-1500>
o nat
o nd
other-config-flag
ra suppress
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o rip WORD
default-information originate
enable
o summary-address eigrp <1-65535> X:X:X:X::X/<0-128> [ <1-255> ]
mac-address H.H.H
mtu <64-1600>
no
o arp timeout
o bandwidth
o cdp enable
o custom-queue-list <1-16>
o delay
o description
o duplex
o ip
mtu <68-1500>
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
priority
proxy-arp
split-horizon
o ipv6
address
autoconfig
X:X:X:X::X link-local
WORD
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
mtu <1280-1500>
nat
ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
network
priority <0-255>
rip WORD
default-information originate
enable
o mac-address
o mtu
o pppoe enable
o priority-group
o service-policy [ input | output ] WORD
o shutdown
o speed
o tx-ring-limit
pppoe enable
priority-group <1-16>
shutdown
speed [ 10 | 100 | 1000 | auto ] (10/100 options are only available for FastEthernet and GigabitEthernet interfaces and 10/100/1000 options are only
available for GigabitEthernet interfaces respectively)
tx-ring-limit <1-32767>
bandwidth <1-10000000>
delay <1-16777215>
description LINE
exit
ip
o address
A.B.C.D A.B.C.D
dhcp
o helper-address A.B.C.D
o mtu <68-1500>
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o proxy-arp
o split-horizon
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o hello-interval eigrp <1-65535> <1-65535>
o mtu <1280-1500>
o nd [ other-config-flag | ra suppress ]
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
mtu <64-1600>
no
o arp timeout
o bandwidth
o delay
o description
o encapsulation dot1Q
o ip
address [ dhcp ]
helper-address A.B.C.D
mtu
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
priority
proxy-arp
split-horizon
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
hello-interval eigrp <1-65535>
mtu
nd [ other-config-flag | ra suppress ]
ospf
cost
dead-interval
hello-interval
network
priority
o mtu
o shutdown
o standby
<0-4095>
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
ip A.B.C.D
ipv6
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
shutdown
standby
o <0-4095>
ip A.B.C.D
ipv6 autoconfig
preempt
priority <0-255>
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o ip A.B.C.D
o ipv6 autoconfig
o preempt
o priority <0-255>
o timers <1-254>
o track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
bandwidth <1-10000000>
cdp enable
custom-queue-list <1-16>
delay <1-16777215>
description LINE
encapsulation
o hdlc
o ppp
o frame-relay [ ietf ]
exit
frame-relay
o interface-dlci <16-1007>
o map
ip A.B.C.D <16-1007>
cisco [ broadcast ]
ietf [ broadcast ]
cisco [ broadcast ]
ietf [ broadcast ]
ip
o mtu <68-1500>
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o split-horizon
o virtual-reassembly
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o mtu <1280-1500>
o nd [ other-config-flag | ra suppress ]
o ospf
<1-65535> area [ <0-4294967295> | A.B.C.D ] [ instance <0-255> ]
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
keepalive <0-30>
mtu <64-17940>
no
o bandwidth <1-10000000>
o cdp enable
o clock rate
o custom-queue-list <1-16>
o delay
o description
o encapsulation
o frame-relay
interface-dlci <16-1007>
o ip
address [ dhcp ]
helper-address A.B.C.D
mtu <68-1500>
nat [ inside | outside ]
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
network
priority
split-horizon
virtual-reassembly
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
X:X:X:X::X/<0-128> [ anycast | eui-64 ]
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
mtu
nd [ other-config-flag | ra suppress ]
ospf
cost
dead-interval
hello-interval
network
priority
o keepalive
o mtu
o ppp
authenticateion
pap sent-username
o priority-group <1-16>
o shutdown
o speed
o tx-ring-limit
ppp
priority-group <1-16>
shutdown
tx-ring-limit <1-32767>
exit
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o eigrp <1-65535>
o enable
o enable
o nd ra suppress
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
no
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
eigrp <1-65535>
enable
nd ra suppress
ospf
cost
dead-interval
hello-interval
network
priority
shutdown
tunnel
o destination A.B.C.D
o source
Loopback <0-2147483647>
Serial <0-9>/<0-24>
bandwidth <1-10000000>
delay <1-16777215>
description LINE
exit
ip
o address
A.B.C.D A.B.C.D
dhcp
o helper-address A.B.C.D
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o proxy-arp
o split-horizon
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o mtu <1280-1500>
o nat prefix [ X:X:X:X::X/<0-128> ] [ v4-mapped WORD ]
o nd [ other-config-flag | ra suppress ]
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
no
o arp timeout
o bandwidth
o delay
o description
o ip
address [ dhcp ]
helper-address A.B.C.D
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
priority
proxy-arp
split-horizon
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
mtu <1280-1500>
nd [ other-config-flag | ra suppress ]
ospf
dead-interval
hello-interval
network
priority
o shutdown
o standby
<0-4095>
ip A.B.C.D
ipv6
preempt
priority
track
preempt
priority
track
shutdown
standby
o <0-4095>
ip A.B.C.D
ipv6 autoconfig
preempt
priority <0-255>
track
ip A.B.C.D
ipv6 autoconfig
preempt
priority <0-255>
timers <1-254>
track
exit
no
o vlan <1-1005>
o vtp
client
password
transparent
v2-mode
vtp
o client
o domain WORD
o password WORD
o server
o transparent
o v2-mode
databits [ 5 | 6 | 7 | 8 ]
default [ databits | flowcontrol | history size | parity | speed | stopbits ]
exit
logging synchronous
login
o local
motd-banner
no
o [ access-class [ <1-199> | <1300-2699> | WORD ] [ in | out ] | databits | flowcontrol | history size | login | motd-banner |
parity | password | session-limit | speed | stopbits ]
o databits
o exec-timeout
o flowcontrol
o history size
o ipv6 access-class WORD [ in | out ]
o logging synchronous
o motd-banner
o parity
o password
o privilege level
o session-limit
o speed
o stopbits
o transport output
session-limit <0-4294967295>
speed <0-4294967295>
stopbits [ 1 | 1.5 | 2 ]
exit
match
o access-group
<1-2699>
name WORD
o any
o class-map WORD
o cos <0-7>
o input-interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
o ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 | cs5 | cs6
| cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
o not
access-group
<1-2699>
name WORD
class-map WORD
cos <0-7>
input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
protocol [ arp | bgp | cdp | dhcp | dns | eigrp | ftp | gre | h323 | http | icmp | ip | ipsec | ipv6 | ntp | ospf | pop3 | rip | rtp |
skinny | smtp | snmp | ssh | syslog | tcp | telnet | tftp | udp ]
qos-group <0-1023>
o precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
o protocol
arp
bgp
cdp
dhcp
dns
eigrp
ftp
gre
h323
icmp
ip
ipsec
ipv6
ntp
ospf
pop3
rip
rtp
skinny
smtp
snmp
ssh
syslog
tcp
telnet
tftp
udp
o qos-group <0-1023>
no
o description [ LINE ]
o match
access-group
<1-2699>
name WORD
any
class-map WORD
cos <0-7>
input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
not
access-group
<1-2699>
name WORD
class-map WORD
cos <0-7>
input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>
FastEthernet <0-9>/<0-24>[.][<0-4294967295>
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3
| cs4 | cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
protocol
arp
bgp
cdp
dhcp
dns
eigrp
ftp
gre
h323
icmp
ip
ipsec
ipv6
ntp
ospf
pop3
rip
rtp
skinny
smtp
snmp
ssh
syslog
tcp
telnet
tftp
udp
qos-group <0-1023>
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
protocol [ arp | bgp | cdp | dhcp | dns | eigrp | ftp | gre | h323 | http | icmp | ip | ipsec | ipv6 | ntp | ospf | pop3 | rip | rtp |
skinny | smtp | snmp | ssh | syslog | tcp | telnet | tftp | udp ]
qos-group <0-1023>
exit
exit
no
description LINE
exit
no
o description LINE
o match address
o set
peer A.B.C.D
transform-set
set
o peer A.B.C.D
authenticateion pre-share
exit
group [ 1 | 2 | 5 ]
lifetime <60-86400>
no
o authenticateion pre-share
o group [ 1 | 2 | 5 ]
o lifetime <60-86400>
exit
no
exit
no
engine
exit
status
exit
no
exit
no
default
o secret
exit
no
o secret
secret [ 0 | 5 ] LINE
bgp
o log-neighbor-changes
o redistribute-internal
o router-id A.B.C.D
exit
neighbor
o A.B.C.D next-hop-self
network
no
o bgp
log-neighbor-changes
redistribute-internal
router-id A.B.C.D
o neighbor
A.B.C.D next-hop-self
o redistribute
connected
eigrp <1-65535>
ospf <1-65535>
match
external
internal
nssa-external
static
synchronization
redistribute
o connected
o eigrp <1-65535>
o ospf <1-65535>
match
external
internal
nssa-external
static
o synchronization
auto-summary
exit
no
o auto-summary
o distance eigrp
o metric weights
o redistribute
o passive-interface
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
default
o variance
passive-interface
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o default
redistribute
o ospf <1-65535> [ match { external [ 1 | 2 ] internal | nssa-external } ] [ metric <1-4294967295> ] [ <0-4294967295> <0-255>
<1-255> <1-65535> ]
variance <1-128>
exit
no
o metric weights <0-8> <0-255> <0-255> <0-255> <0-255>
o redistribute
ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric bandwidth delay reliability effective
BW MTU ]
redistribute
o ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric bandwidth delay reliability effective BW MTU
]
router-id A.B.C.D
metric weights <0-8> <0-255> <0-255> <0-255> <0-255>
shutdown
area
o [ <0-4294967295> | A.B.C.D ]
authenticate message-digest
default-cost <0-16777215>
nssa no-summary
stub no-summary
virtual-link A.B.C.D
default-information originate
distance <1-255>
exit
log-adjacency-changes [ detail ]
no
o area
[ <0-4294967295> | A.B.C.D ]
authenticate message-digest
default-cost <0-16777215>
nssa no-summary
stub no-summary
virtual-link A.B.C.D
o default-information originate
o distance <1-255>
o log-adjacency-changes [ detail ]
o redistribute
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005<
default
o router-id
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o Vlan <1-1005<
o default
redistribute
o ospf <1-65535> [ match { external [ 1 | 2 ] internal | nssa-external } ] [ metric <1-4294967295> ] [ <0-4294967295> <0-255>
<1-255> <1-65535> ]
router-id A.B.C.D
area area-id
o default-cost <0-16777215>
o nssa [ no-summary ]
o stub [ no-summary ]
o virtual-link A.B.C.D
distance <1-254>
exit
log-adjacency-changes [ detail ]
no
o area area-id
default-cost <0-16777215>
nssa [ no-summary ]
stub [ no-summary ]
virtual-link A.B.C.D
o distance <1-254>
o log-adjacency-changes [ detail ]
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
default
o redistribute
metric <0-16777214>
ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric <0-16777214> | subnets | tag <0-
4294967295> ]
o router-id
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o default
redistribute
o bgp <1-65535> [ metric <0-16777214> | subnets | tag <0-4294967295> ]
o metric <0-16777214>
o ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric <0-16777214> | subnets | tag <0-4294967295>
]
router-id A.B.C.D
auto-summary
default-information originate
distance <1-255>
exit
network A.B.C.D
no
o auto-summary
o default-information
o distance <1-255>
o network A.B.C.D
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
default
o redistribute
o versions <1-2>
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o Vlan <1-1005>
o default
redistribute
version <1-2>
distance <1-254>
exit
no
o distance
o redistribute
redistribute
default-router A.B.C.D
dns-server A.B.C.D
exit
no dns-server
dns-server X:X:X:X::X
domain-name WORD
exit
no
o dns-server X:X:X:X::X
o domain-name WORD
o prefix-delegation
prefix-delegation
Rommon Mode
boot
confreg config-register-number
dir flash:
help
reset
set
tftpdnld
unset variable
variable=value
Routers: IOS 15
Packet Tracer uses a simplified model of the Cisco IOS. Click on the CLI tab in the router configuration window to access the Cisco IOS command
line interface for the router. Use the Copy and Paste buttons to copy and paste text to and from the command line. This page lists the Cisco IOS
command tree for Packet Tracer routers. For Cisco 1841 and 2811 routers with switching capabilities, refer to the "Switch IOS" page for additional
commands. The tree contains only Cisco IOS command chains that are supported in Packet Tracer.
User Mode
<1-99>
connect [ WORD ]
disable
disconnect <1-16>
exit
logout
show
o arp
o cdp
entry
* [ protocol | version ]
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbors [ details ]
o class-map [ WORD ]
o clock
o controllers
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>[.][<0-4294967295>]
o dot11 interface
o flash:
o frame-relay
lmi
map
pvc
<16-1022>
interface
serial <0-9>/<0-24>[.][<0-4294967295>]
o history
o hosts
o interfaces
Dot11Radio <0-24>/<0-24>/<0-24>
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>[.][<0-4294967295>]
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
switchport
trunk
o ip
arp
bgp
neighbors
summary
dhcp binding
eigrp
interface <1-65535>
neighbors <1-65535>
topology
<1-65535>
A.B.C.D [ A.B.C.D ]
A.B.C.D [ A.B.C.D ]
all-links
traffic <1-65535>
interface
Dot11Radio <0-9>/<0-24>/<0-24>
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
brief
nbar port-map
ospf
<1-65535>
<0-4294967295>
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
detail
virtual-links
A.B.C.D
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
detail
virtual-links
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
detail
virtual-links
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
detail
virtual-links
protocols
rip database
ssh
o ipv6
access-list WORD
eigrp
interfaces <1-65535>
neighbors <1-65535>
topology
<1-65535> [ X:X:X:X::X/<0-128>
X:X:X:X::X/<0-128>
all-links
traffic <1-65535>
general-prefix
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
Tunnel <0-2147483647>
brief
nat [ statistics | translations ]
neighbors
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
Vlan <1-1005>
ospf
<1-65535>
<0-4294967295>
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
detail
A.B.C.D
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
Ethernet <0-9>/<0-24>[.][<0-4294967295>] [ detail ]
detail
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbor
detail
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbors
detail
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>[.][<0-4294967295>]
neighbors
detail
o protocols
o rip database
o route ospf
policy-map
o WORD
o interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o privilege
o protocols
o queue
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o queueing
o sessions
o ssh
o tcp [ brief ]
o terminal
o users
o version
o vlan-switch
brief
id <1-1005>
name WORD
ssh
o -v 1 -l WORD WORD
o -v 2 -l WORD WORD
terminal WORD <0-65535>
traceroute
o [ Protocol ] [ Target IP address ] [ Source address ] [ Numeric display ] [ Timeout in seconds ] [ Probe count ] [ Minimum
Time to Live ] [ Maximum Time to Live ]
Enable Mode
<1-99>
auto secure
clear
o arp-cache
o cdp table
o ip
bgp *
nat translation *
ospf process
dhcp binding
nat translation *
neighbors
o mac-address-table [ dynamic ]
o vtp counters
configure [ terminal ]
connect [ WORD ]
copy
o flash:
ftp:
running-config
startup-config
tftp:
o ftp:
flash:
running-config
startup-config
o running-config
flash:
ftp
startup-config
tftp:
o startup-config
flash:
ftp
running-config
tftp:
o tftp:
flash:
running-config
startup-config
debug
o aaa authenticateion
o custom-queue
o eigrp
fsm
packets
o frame-relay lmi
o ip
icmp
nat
packet
rip [ events ]
routing
o ipv6
inspect
detailed
events
function-trace
icmp
object-creation
object-deletion
tcp
timers
udp
o ntp packets
delete
o WORD
o flash:
disable
disconnect <1-16>
enable [ <0-15> | view [ WORD ] ]
erase startup-config
exit
logout
more flash:<filename>
no
o debug
all
aaa authenticateion
custom-queue
ephone register
frame-relay lmi
ip
icmp
inspect
detailed
events
function-trace
object-creation
object-deletion
timers
nat
packet
rip [ events ]
routing
ipv6
o inspect
detailed
events
function-trace
icmp
object-creation
object-deletion
tcp
timers
udp
o ntp packets
o [ Protocol ] [ Target IP address ] [ Repeat count ] [ Datagram size ] [ Timeout in seconds ] [ Extended commands ] [ Sweep
range of sizes ]
reload
send [ * | <0-300> ]
setup
show
o aaa
sessions
o arp
o cdp
entry
* [ protocol | version ]
interfaces
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Serial <0-9>/<0-24>
neighbors [ detail ]
o class-map [ WORD ]
o clock
o controllers
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>[.][<0-4294967295>]
o debuggin
o dhcp lease
o dot11 interface
o file system
o frame-relay
lmi
map
pvc
<16-1022>
interface Serial <0-9>/<0-24>[<16-1022>]
o history
o hosts
o interface
Dot11Radio <0-9>/<0-24>/<0-24>
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>/<0-4294967295>
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
switchport
trunk
o ip
arp
dhcp binding
eigrp
interfaces [ <1-65535> ]
neighbors [ <1-65535> ]
traffic [ <1-65535> ]
interface
Dot11Radio <0-9>/<0-24>/<0-24>
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>/[.][<0-4294967295>
Tunnel <0-2147483647>
Virtual-Access <1-2>
Virtual-Template <1-200>
Vlan <1-1005>
brief
nbar port-map
ospf
<1-65535>
<0-4294967295>
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
detail
virtual-links
A.B.C.D
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
virtual-links
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-9>/<0-24>
neighbor
virtual-links
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
virtual-links
protocols
rip database
ssh
o ipv6
access-list [ WORD ]
eigrp
interface <1-65535>
neighbors <1-65535>
topology
<1-65535> [ X:X:X:X::X/<0-128>
X:X:X:X::X/<0-128>
all-links
traffic <1-65535>
general-prefix
inspect
all
config
interfaces
name [ WORD ]
sessions [ detail ]
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
brief
neighbors
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ospf
<1-65535>
<0-4294967295>
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbor
detail
A.B.C.D
database
interface
neighbor
detail
border-routers
database
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
neighbors
detail
border-routers
database
interface
neighbors
protocols
rip database
route [ ospf ]
o licsense [ all | detail | feature | udi ]
o line
o logging
o login [ failures ]
o mac-address-table [ static ]
o ntp status
o parse view
o policy-map
WORD
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>[.][<0-4294967295>]
o privileges
o processes
o protocols
o queue
Ethernet <0-9>/<0-24>[.][<0-4294967295> ]
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Serial <0-9>/<0-24>[.][<0-4294967295>]
o queueing
o running-config
o secure [ bootset ]
o sessions
o snmp
o spanning-tree
active
detail
interface
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295> ]
Port-channel <1-6>
summary totals
vlan <1-1005>
o ssh
o standby
brief
o startup-config
o storm-control broadcast
o tcp [ brief ]
o tech-support
o terminal
o users
o users
o version
o vlan-switch [ brief | id <1-1005> | name WORD ]
ssh
o -v 1 -l WORD WORD
o -v 2 -l WORD WORD
o [ Protocol ] [ Target IP address ] [ Source address ] [ Numeric display ] [ Timeout in seconds ] [ Probe count ] [ Minimum
Time to Live ] [ Maximum Time to Live ]
undebug
o all
o aaa authenticateion
o custom-queue
o frame-relay lmi
o ip
icmp
inspect
detailed
events
function-trace
object-creation
object-deletion
timers
nat
packet
rip [ events ]
routing
o ntp packets
Global Mode
aaa
o authenticateion
enable default
enable
local
none
enable
local
enable
enable
if-authenticateed
o new-model
access-list (named ACL is under the "ip access-list" branch in Global Mode)
o <1-99>
remark LINE
o <100-199>
[ deny | permit ] [ ahp | eigrp | esp | gre | ospf ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any |
host A.B.C.D ]
[ deny | permit ] icmp [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
<0-256>
echo
echo-reply
host-unreachable
net-unreachable
port-unreachable
protocol-unreachable
ttl-exceeded
unreachable
[ deny | permit ] ip [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
[ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535> | range <0-65535> <0-65535> ]
remark LINE
banner
o motd LINE
o login LINE
cdp run
config-register WORD
crypto
do LINE
enable
o password
7 WORD
LINE
level <1-15>
7 WORD
LINE
o secret
[ 0 | 5 ] LINE
level <1-15>
[ 0 | 5 ] LINE
end
exit
hostname WORD
interface
o Dot11Radio <0-9>/<0-24>/<0-24>
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Tunnel <0-2147483647>
o Virtual-Template <1-200>
o Vlan <1-1005>
o range
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Vlan <1-1005>
ip
o access-list
o default-network A.B.C.D
o dhcp
pool WORD
o domain-lookup
o domain-name WORD
o forward-protocol udp [ <0-65535> | bootpc | bootps | domain | netbios-dgm | netbios-ns | tacacs | tftp | time ]
o ftp
passive
username WORD
o nat
inside source
A.B.C.D A.B.C.D
outside source
static
A.B.C.D A.B.C.D
A.B.C.D [<1-255>]
o ssh
authenticateion-retries <0-5>
time-out <1-120>
version <1-2>
ipv6
o access-list WORD
o general-prefix WORD
X:X:X:X::X/<1-128>
o host WORD
o inspect
alert-off
audit-trail
alert [ off | on ]
audit-trail [ off | on ]
timeout <5-43200>
tcp
finwait-time <1-2147483>
idle-time <1-2147483>
synwait-time <1-2147483>
o nat
prefix X:X:X:X::X/<0-128>
v4v6
v6v4
interface
o neighbor X:X:X:X::X
o route X:X:X:X::X/<0-128>
X:X:X:X::X [ <1-254> ]
o unicast-routing
line
o <2-499> [ <3-499> ]
o aux <0-0>
o console <0-0>
logging
o A.B.C.D
o buffered <4096-2147483647>
o console
o host A.B.C.D
o on
o trap [ debugging ]
o userinfo
login
o aaa
new-model
o cdp run
o clock timezone
o config-register
o enable
o hostname
o interface
Dot11Radio <0-9>/<0-24>/<0-24>
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Tunnel <0-2147483647>
Virtual-Template <1-200>
Vlan <1-1005>
o ip
access-list
default-network A.B.C.D
dhcp
pool WORD
domain [ lookup | name ]
domain-lookup
domain-name
inspect
alert-off
audit-trail
dns-timeout <1-2147483>
name-server
nat
inside source
static
A.B.C.D A.B.C.D
outside source
static
A.B.C.D A.B.C.D
<1-255>
A.B.C.D [ <1-255> ]
ssh
authenticateion-retries
time-out
version [ 1 | 2 ]
o ipv6
access-list WORD
host WORD
inspect
alert-off
audit-trail
udp idle-time
nat
prefix X:X:X:X::X/<0-128>
v4v6
pool WORD
v6v4
pool WORD
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
route X:X:X:X::X/<0-128>
<1-254>
X:X:X:X::X [ <1-254> ]
router
eigrp <1-65535>
ospf <1-65535>
rip WORD
unicast-routing
o logging
A.B.C.D
buffered
console
host A.B.C.D
on
trap [ debugging ]
userinfo
o login
block-for
ntp
authenticatee
authenticateion-key <1-4294967295>
server A.B.C.D
trusted-key <1-4294967295>
update-calendar
o priority-list <1-16>
default
protocol
ip [ high | low | medium | normal ] [ list <1-199> | tcp <0-65535> | udp <0-65535> ]
queue-limit
o privilege [ configure | exec | interface | line | router ] [ all ] [ level <0-15> ] LINE
o queue-list <1-16>
default
protocol
ip <0-16>
tcp <0-65535>
udp <0-65535>
ipv6 <0-16>
queue <0-16>
o radius-server
host A.B.C.D
key LINE
key LINE
o router
bgp <1-65535>
eigrp <1-65535>
ospf <1-65535>
rip
o service
nagle
password-encryption
o spanning-tree
mode
portfast default
o tacacs-server
host A.B.C.D
key LINE
key LINE
o username WORD
o vpdn enable
o vpdn-group WORD
ntp
o authenticateion
o trusted-key <1-4294967295>
o update-calendar
priority-list <1-16>
o default [ high | low | medium | normal ]
o protocol
ip [ high | low | medium | normal ] [ list <1-199> | tcp <0-65535> | udp <0-65535> ]
privilege [ configure | exec | interface | line | router ] [ all ] [ level <0-15> | reset ] LINE
queue-list <1-16>
o default <0-16>
o protocol
ip <0-16>
tcp <0-65535>
udp <0-65535>
ipv6 <0-16>
o queue <0-16>
o host A.B.C.D
key LINE
o key LINE
router
o bgp <1-65535>
o eigrp <1-65535>
o ospf <1-65535>
o rip
service
o nagle
o password-encryption
o portfast default
o vlan <1-1005>
priority <0-61440>
tacacs-server
o host A.B.C.D
key LINE
o key LINE
vpdn enable
vpdn-group WORD
<1-2147483647>
o deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o default
deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o exit
o no
deny
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o permit
A.B.C.D [ A.B.C.D ]
any
host A.B.C.D
o remark LINE
<1-2147483647>
o deny
[ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
[ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq<0-65535> | host A.B.C.D | gt<0-
65535> | lt <0-65535> | neq<0-65535> | range<0-65535><0-65535> ]
o permit
[ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
[ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq<0-65535> | host A.B.C.D | gt<0-
65535> | lt <0-65535> | neq<0-65535> | range<0-65535><0-65535> ]
default
o [ deny | permit ] [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535> | range <0-65535> <0-65535> ]
deny
o [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host A.B.C.D | gt <0-65535>
| lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-65535> | neq <0-65535> |
range <0-65535> <0-65535> ]
exit
no
o [ deny | permit ] [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535> | range <0-65535> <0-65535> ]
permit
o [ icmp | ip ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ]
o [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host A.B.C.D | gt <0-65535>
| lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-65535> | neq <0-65535> |
range <0-65535> <0-65535> ]
remark LINE
cdp enable
custom-queue-list <1-16>
delay <1-16777215>
description LINE
exit
ip
o helper-address A.B.C.D
o mtu <68-1500>
o ospf
authenticateion [ message-digest | null ]
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o proxy-arp
o split-horizon
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o mtu <1280-1500>
o nd [ other-config-flag | na suppress ]
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o rip WORD
default-information originate
enable
o summary-address eigrp <1-65535> X:X:X:X::X/<0-128> [ <1-255> ]
mac-address H.H.H
mtu <64-1600>
no
o arp timeout
o bandwidth
o cdp enable
o custom-queue-list <1-16>
o delay
o description
o duplex
o ip
helper-address
mtu <68-1500>
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
priority
proxy-arp
split-horizon
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
mtu <1280-1500>
nd
ospf
dead-interval <1-65535>
hello-interval <1-65535>
network
priority <0-255>
o mac-address
o mtu
o pppoe enable
o priority-group
o shutdown
o speed
o standby
<0-4095>
FastEthernet <0-9>/<0-24>[.][<0-4294967295> ]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
ip A.B.C.D
ipv6
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o tx-ring-limit
pppoe enable
priority-group <1-16>
shutdown
speed [ 10 | 100 | 1000 | auto ] (10/100 options are only available for FastEthernet and GigabitEthernet interfaces and 10/100/1000
options are only available for GigabitEthernet interfaces respectively)
standby
o <0-4095>
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
ip A.B.C.D
ipv6
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o preempt
o priority
o track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
tx-ring-limit <1-32767>
bandwidth <1-10000000>
delay <1-16777215>
description LINE
exit
ip
o helper-address A.B.C.D
o mtu <68-1500>
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o proxy-arp
o split-horizon
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o mtu <1280-1500>
o nd [ other-config-flag | ra suppress ]
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
mtu <64-1600>
no
o arp timeout
o bandwidth
o delay
o description
o encapsulation dot1q
o ip
address [ dhcp ]
mtu
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
priority
proxy-arp
split-horizon
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
mtu
nd [ other-config-flag | ra suppress ]
ospf
cost
dead-interval
hello-interval
network
priority
o mtu
o shutdown
shutdown
standby
o ipv6 autoconfig
bandwidth <1-10000000>
cdp enable
clock rate <1200-4000000> (only certain clock rates that are listed are valid)
crypto map WORD
custom-queue-list <1-16>
delay <1-16777215>
description LINE
encapsulation
o hdlc
o ppp
o frame-relay [ ietf ]
exit
frame-relay
o interface-dlci <16-1007>
o map
ip A.B.C.D <16-1007>
cisco [ broadcast ]
ietf [ broadcast ]
cisco [ broadcast ]
ietf [ broadcast ]
ip
o mtu <68-1500>
o ospf
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o split-horizon
o virtual-reassembly
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o mtu <1280-1500>
o nd [ other-config-flag | ra suppress ]
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
mtu <64-17940>
no
o bandwidth <1-10000000>
o cdp enable
o clock rate
o custom-queue-list <1-16>
o delay
o description
o ecnapsulation
o frame-relay
interface-dlci <16-1007>
address [ dhcp ]
helper-address A.B.C.D
mtu <68-1500>
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
network
priority
split-horizon
virtual-reassembly
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
X:X:X:X::X/<0-128>
autoconfig
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
nd [ other-config-flag | ra suppress ]
ospf
cost
dead-interval
hello-interval
network
priority
o keepalive
o mtu
o priority-group <1-16>
o service-policy [ input | output ] WORD
o shutdown
o tx-ring-limit
ppp
priority-group <1-16>
shutdown
tx-ring-limit <1-32767>
exit
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o eigrp <1-65535>
o enable
o nd ra suppress
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
eigrp <1-65535>
enable
nd ra suppress
ospf
cost
dead-interval
hello-interval
network
priority
o shutdown
shutdown
tunnel
o destination A.B.C.D
o source
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
delay <1-16777215>
description LINE
exit
ip
o helper-address A.B.C.D
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
message-digest-key <1-255> md5 LINE
priority <0-255>
o proxy-arp
o split-horizon
ipv6
o address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
o dhcp
client pd WORD
server WORD
o eigrp <1-65535>
o enable
o mtu <1280-1500>
o nd [ other-config-flag | ra suppress ]
o ospf
cost <1-65535>
dead-interval <1-65535>
hello-interval <1-65535>
priority <0-255>
no
o arp timeout
o bandwidth
o delay
o description
o ip
address [ dhcp ]
helper-address A.B.C.D
ospf
authenticateion
authenticateion-key
cost
dead-interval
hello-interval
message-digest-key <1-255>
priority
proxy-arp
split-horizon
o ipv6
address
WORD X:X:X:X::X/<0-128>
X:X:X:X::X link-local
autoconfig
dhcp
client pd WORD
server WORD
eigrp <1-65535>
enable
mtu
ospf
cost
dead-interval
hello-interval
network
priority
o shutdown
o standby
<0-4095>
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295]
ip A.B.C.D
ipv6
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
shutdown
standby
o <0-4095>
ip A.B.C.D
ipv6 autoconfig
preempt
priority <0-255>
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
o ip A.B.C.D
o ipv6 autoconfig
o preempt
o priority <0-255>
o timers <1-254>
o track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Serial <0-9>/<0-24>[.][<0-4294967295>]
no
o vtp
client
password
transparent
v2-mode
vtp
o client
o domain WORD
o password WORD
o server
o transparent
o v2-mode
description LINE
exit
match
o access-group
<1-2699>
name WORD
o any
o class-map WORD
o cos <0-7>
o input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
o ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 | cs5 | cs6
| cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
o not
access-group
<1-2699>
name WORD
class-map WORD
cos <0-7>
input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
protocol [ arp | bgp | cdp | dhcp | dns | eigrp | ftp | gre | h323 | http | icmp | ip | ipsec | ipv6 | ntp | ospf | pop3 | rip | rtp |
skinny | smtp | snmp | ssh | syslog | tcp | telnet | tftp | udp ]
qos-group <0-1023>
o precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
o protocol
arp
bgp
cdp
dhcp
dns
eigrp
ftp
gre
h323
icmp
ip
ipsec
ipv6
ntp
ospf
pop3
rip
rtp
skinny
smtp
snmp
ssh
syslog
tcp
telnet
tftp
udp
o qos-group <0-1023>
no
o description [ LINE ]
o match
access-group
<1-2699>
name WORD
any
class-map WORD
cos <0-7>
input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
not
access-group
<1-2699>
name WORD
class-map WORD
cos <0-7>
input-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3
| cs4 | cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
protocol
arp
bgp
cdp
dhcp
dns
eigrp
ftp
gre
h323
icmp
ip
ipsec
ipv6
ntp
ospf
pop3
rip
rtp
skinny
smtp
snmp
ssh
syslog
tcp
telnet
tftp
udp
qos-group <0-1023>
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
protocol [ arp | bgp | cdp | dhcp | dns | eigrp | ftp | gre | h323 | http | icmp | ip | ipsec | ipv6 | ntp | ospf | pop3 | rip | rtp |
skinny | smtp | snmp | ssh | syslog | tcp | telnet | tftp | udp ]
qos-group <0-1023>
exit
exit
no
exit
no
o reverse-route
o set transform-set
reverse-route
default
o secret
exit
no
o secret
secret [ 0 | 5 ] LINE
bgp
o log-neighbor-changes
o redistribute-internal
o router-id A.B.C.D
exit
neighbor
o A.B.C.D next-hop-self
o A.B.C.D remote-as <1-65535>
network
no
o bgp
log-neighbor-changes
redistribute-internal
router-id A.B.C.D
o neighbor
A.B.C.D next-hop-self
o network
o redistribute
connected
eigrp <1-65535>
ospf <1-65535>
match
external
internal
nssa-external
static
o synchronization
redistribute
o connected
o eigrp <1-65535>
o ospf <1-65535>
match
external
internal
nssa-external
o static
synchronization
timers bgp <0-65535> <0-65535>
auto-summary
exit
no
o auto-summary
o distance eigrp
o metric weights
o redistribute
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
default
o variance
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o Vlan <1-1005>
o default
redistribute
o ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric bandwidth delay reliability effective BW
MTU ]
variance <1-128>
exit
no
ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric bandwidth delay reliability effective
BW MTU ]
static
o router-id
o shutdown
redistribute
o ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric bandwidth delay reliability effective BW
MTU ]
o static
router-id A.B.C.D
shutdown
area
o [ <0-4294967295> | A.B.C.D ]
authenticateion message-digest
default-cost <0-16777215>
nssa no-summary
stub no-summary
virtual-link A.B.C.D
default-information originate
distance <1-255>
exit
log-adjacency-changes [ detail ]
no
o area
[ <0-4294967295> | A.B.C.D ]
authenticateion message-digest
default-cost <0-16777215>
nssa no-summary
stub no-summary
virtual-link A.B.C.D
o default-information originate
o distance <1-255>
o log-adjacency-changes [ detail ]
o redistribute
metric <0-16777214>
ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric <0-16777214> | subnets | tag <0-
4294967295> ]
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
default
o router-id
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o Vlan <1-1005>
o default
redistribute
o bgp <1-65535> [ metric <0-16777214 | subnets | tag <0-4294967295> ]
o metric <0-16777214>
o ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric <0-16777214> | subnets | tag <0-4294967295>
]
router-id A.B.C.D
area <1-65535>
o default-cost <0-16777215>
o nssa [ no-summary ]
o stub [ no-summary ]
o virtual-link A.B.C.D
distance <1-254>
exit
log-adjacency-changes [ detail ]
no
o area <1-65535>
default-cost <0-16777215>
nssa [ no-summary ]
stub [ no-summary ]
virtual-link A.B.C.D
o distance <1-254>
o log-adjacency-changes [ detail ]
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
default
o redistribute
metric <0-16777214>
ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric <0-16777214> | subnets | tag <0-
4294967295 ]
o router-id
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o default
redistribute
o metric <0-16777214>
o ospf <1-65535> [ match { external [ 1 | 2 ] | internal | nssa-external } ] [ metric <0-16777214> | subnets | tag <0-4294967295 ]
router-id A.B.C.D
auto-summary
default-information originate
distance <1-255>
exit
network A.B.C.D
no
o auto-summary
o default-information
o distance <1-255>
o network A.B.C.D
o passive-interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
Loopback <0-2147483647>
Serial <0-9>/<0-24>
Vlan <1-1005>
default
o redistribute
o timers basic
o version <1-2>
passive-interface
o Ethernet <0-9>/<0-24>[.][<0-4294967295>]
o FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
o GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
o Loopback <0-2147483647>
o Serial <0-9>/<0-24>
o Vlan <1-1005>
o default
redistribute
version <1-2>
exit
no
o distance
o redistribute
redistribute
default-router A.B.C.D
dns-server A.B.C.D
exit
no dns-server
dns-server X:X:X:X::X
domain-name WORD
exit
no
o dns-server X:X:X:X::X
o domain-name WORD
o prefix-delegation
prefix-delegation
databits [ 5 | 6 | 7 | 8 ]
exit
logging synchronous
login
o local
motd-banner
no
o databits
o exec-timeout
o flowcontrol
o history size
o logging synchronous
o login
local
o motd-banner
o parity
o password
o privilege level
o session-limit
o speed
o stopbits
o transport output
session-limit <0-4294967295>
speed <0-4294967295>
stopbits [ 1 | 1.5 | 2 ]
exit
no
no
o bandwidth
o priority
o queue-limit
o random-detect
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 | cs5 | cs6
| cs7 | default | ef ]
dscp-based
prec-based
precedence <0-7>
o service-policy WORD
o set
ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 |
cs5 | cs6 | cs7 | default | ef ]
precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
o shape average
priority [ <8-2000000> | percent <1-100> ] [ <32-2000000> ]
queue-limit <1-4096>
random-detect
o dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 | cs5 | cs6 | cs7 |
default | ef ] <1-4096> <1-4096> [ <1-65535> ]
o dscp-based
o prec-based
service-policy WORD
set
o ip
dscp [ <0-63> | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | cs1 | cs2 | cs3 | cs4 | cs5 | cs6
| cs7 | default | ef ]
o precedence [ <0-7> | critical | flash | flash-override | immediate | internet | network | priority | routine ]
Rommon Mode
boot
confreg config-register-number
dir flash:
help
reset
set
tftpdnld
unset variable
variable=value
Configuring Switches
The Config tab for the switch offers three general levels of configuration: global, switching, and interface. The global level offers the same settings
as a router. The routing level also offers the same configuration parameters as a router. The switching level, however, is where you can manage the
VLAN database of the switch. The interface level configurations also offer access to the VLAN settings of the switch. Note that the Config tab
provides an alternative to the Cisco IOS CLI only for some simple, common features; to access the full set of switch commands that have been
modeled you must use the Cisco IOS CLI.
Throughout your configurations in the Config tab, the lower window will display the equivalent Cisco IOS commands for all your actions.
Global Settings
In global settings, you can change the switch display name as it appears on the workspace and the hostname as it appears in the Cisco IOS. You can
also manipulate the switch configuration files in these various ways:
Load an existing configuration file (in .txt format) into the startup configuration.
Switches: IOS
Packet Tracer uses a simplified model of the Cisco IOS. Click on the CLI tab in the switch configuration window to access the Cisco IOS command
line interface for the switch. Use the Copy and Paste buttons to copy and paste text to and from the command line. This page lists the Cisco IOS
command tree for Packet Tracer switches. For the Cisco Catalyst 3560-PS switch with Layer 3 capabilities, refer to the "Router IOS" page for
additional commands. The tree contains only Cisco IOS command chains that are supported in Packet Tracer.
User Mode
<1-99>
connect WORD
disconnect <1-16>
enable <0-15>
exit
logout
ping WORD
show
o arp
o cdp
entry
* [ protocol | version ]
interface
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
neighbors [ detail ]
o clock
o etherchannel
load-balance
port-channel
summary
o flash:
o history
o interface
Vlan <1-1005>
etherchannel
switchport
trunk
o ip interface
Vlan <1-1005>
brief
o mac address-table
dynamic
interfaces
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
Port-channel <1-64>
static
o privilege
o sessions
o ssh
o tcp [ brief ]
o terminal
o users
o version
o vlan
brief
id <1-1005>
name [ WORD ]
telnet [ WORD ]
traceroute WORD
Enable Mode
<1-99>
clear
o arp-cache
o cdp table
o mac address-table
o vtp counters
configure terminal
connect [ WORD ]
copy
o flash
ftp:
running-config
startup-config
tftp:
o ftp:
flash:
running-config
startup-config
o running-config
startup-config
tftp:
flash:
ftp:
o startup-config
running-config
tftp:
flash:
ftp:
debug
o ip icmp
o sw-vlan
packets
vtp events
dir [ flash: ]
disable
disconnect <1-16>
enable [ <0-15> ]
erase startup-config
exit
logout
no debug
o all
o ip icmp
o sw-vlan
packets
vtp events
ping [ WORD ]
o [ Protocol ] [ Target IP address ] [ Repeat count ] [ Datagram size ] [ Timeout in seconds ] [ Extended commands ] [ Sweep
range of sizes ]
reload
setup
show
o arp
o boot
o cdp
entry
* [ protocol | version ]
interfaces
Ethernet <0-9>/<0-24>[.][<0-4294967295>]
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
neighbors [ detail ]
o clock
o dhcp lease
o dtp
o etherchannel [ load-balance | port-channel | summary ]
o flash:
o history
o hosts
o interfaces
Vlan <1-1005>
etherchannel
switchport
trunk
o ip
arp
dhcp binding
interface
vlan <1-1005>
brief
ssh
o logging
o mac address-table
static
dynamic
interfaces
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
Port-channel <1-64>
o port-security
address
interface
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
o privilege
o processes
o running-config
o sessions
o snmp
o spanning-tree
active
detail
inconsistentports
interface
Port-channel <1-6>
vlan WORD
o ssh
o startup-config
o storm-control broadcast
o tcp [ brief ]
o tech-support
o terminal
o users
o version
o vtp
counters
password
status
ssh
o -v [ 1 | 2 ] -l WORD WORD
telnet [ WORD ]
traceroute [ WORD ]
o [ Protocol ] [ Target IP address ] [ Source address ] [ Numeric display ] [ Timeout in seconds ] [ Probe count ]
[ Minimum Time to Live ] [ Maximum Time to Live ]
undebug
o all
o ip icmp
o sw-vlan
packets
vtp events
vlan database
Global Mode
access-list
o <1-99>
o <100-199>
[ deny | permit ] [ ahp | eigrp | esp | gre | icmp | ip | ospf ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D
| any | host A.B.C.D ]
[ deny | permit ] [ tcp | udp ] [ A.B.C.D A.B.C.D | any | host A.B.C.D ] [ A.B.C.D A.B.C.D | any | eq <0-65535> | host
A.B.C.D | gt <0-65535> | lt <0-65535> | neq <0-65535> | range <0-65535> <0-65535> ] [ eq <0-65535> | gt <0-65535> | lt <0-
65535> | neq <0-65535< | range <0-65535> <0-65535> ]
o remark LINE
cdp run
enable
o password
7 WORD
LINE
o secret [ 0 | 5 ] LINE
end
exit
hostname WORD
interface
o Ethernet <0-9>/<0-24>
o FastEthernet <0-9>/<0-24>
o GigabitEthernet <0-9>/<0-24>
o Port-channel <1-6>
o Vlan <1-1005>
o range
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
Vlan <1-1005>
ip
o access-list
o default-gateway A.B.C.D
o dhcp
pool WORD
o domain-lookup
o domain-name WORD
o ftp
passive
username WORD
o name-server A.B.C.D
o ssh
authentication-retries <0-5>
time-out <1-120>
version <1-2>
line
o <0-16> [ <1-16> ]
o console <0-0>
logging
o A.B.C.D
o buffered <4096-2147483647>
o console
o host A.B.C.D
o on
o trap debugging
o Ethernet <0-9>/<0-24>
o FastEthernet <0-9>/<0-24>
o GigabitEthernet <0-9>/<0-24>
no
o boot system
o cdp run
o clock timezone
o enable
o hostname
o interface
Port-channel <1-6>
Vlan <1-1005>
o ip
access-list
default-gateway
domain-lookup
domain-name
ftp
passive
password
username
name-server
ssh
authentication-retries <0-5>
time-out <1-120>
version <1-2>
o logging
A.B.C.D
buffered
console
host A.B.C.D
on
trap debugging
Ethernet <0-9>/<0-24>
FastEthernet <0-9>/<0-24>
GigabitEthernet <0-9>/<0-24>
o mls qos
o privilege
configure
LINE
all
LINE
level <0-15>
level <0-15>
exec
LINE
all
LINE
level <0-15>
level <0-15>
interface
LINE
all
LINE
level <0-15>
level <0-15>
line
LINE
all
LINE
level <0-15>
level <0-15>
line
LINE
all
LINE
level <0-15>
level <0-15>
router
LINE
all
LINE
level <0-15>
level <0-15>
o service
password-encryption
time stamps
o vlan <1-1005>
privilege
o configure
LINE
all
LINE
level <0-15>
level <0-15>
o exec
LINE
all
LINE
level <0-15>
level <0-15>
o interface
LINE
all
LINE
level <0-15>
level <0-15>
o line
LINE
all
LINE
level <0-15>
level <0-15>
o router
LINE
all
LINE
level <0-15>
level <0-15>
service
o password-encryption
spanning-tree
o portfast default
username WORD
o password [ 0 | 7 ] LINE
o privilege <0-15>
password [ 0 | 7 ] LINE
o secret
vlan <1-1005>
vtp
o domain WORD
o mode
client
server
transparent
o password WORD
o version <1-2>
cdp enable
description LINE
exit
mac-address H.H.H
mdix auto
mls qos
o cos <0-7>
no
o cdp enable
o channel-group
o channel-protocol
o description
o duplex
o mac-address
o mdix auto
o mls qos
cos <0-7>
o shutdown
o spanning-tree
bpduguard
guard
link-type
portfast
o speed
o switchport
access vlan
mode
native vlan
nonegotiate
port-security
mac-address
H.H.H
sticky [ H.H.H ]
maximum
violation
priority extend
o tx-ring-limit
shutdown
spanning-tree
o guard root
speed [ 10 | 100 | 1000 | auto ] (10/100 options are only available for FastEthernet and GigabitEthernet interfaces and 10/100/1000
options are only available for GigabitEthernet interfaces respectively)
switchport
o mode
access
trunk
o native vlan <1-1005>
o nonegotiate
o port-security
mac-address
H.H.H
sticky [ H.H.H ]
maximum <1-132>
o trunk
allowed vlan
WORD
add <1-1005>
all
except <1-1005>
none
remove <1-1005>
native vlan <1-1005>
tx-ring-limit <1-32767>
description LINE
exit
ip
o helper-address A.B.C.D
no
o arp timeout
o description
o ip
address [ dhcp ]
helper-address A.B.C.D
o shutdown
o standby
<0-4095>
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
ip A.B.C.D
ipv6 autoconfig
preempt
priority
preempt
priority
track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
shutdown
standby
o <0-4095>
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
ip A.B.C.D
ipv6 autoconfig
preempt
priority
o preempt
o priority
o track
FastEthernet <0-9>/<0-24>[.][<0-4294967295>]
GigabitEthernet <0-9>/<0-24>[.][<0-4294967295>]
exit
databits [ 5 | 6 | 7 | 8 ]
exit
login [ local ]
motd-banner
no [ access-class [ <1-199> | <1300-2699> | WORD ] [ in | out ] | databits | flowcontrol | history size | ipv6 | login | motd-banner |
parity | password | speed | stopbits ]
o 7 WORD
o LINE
speed <0-4294967295>
stopbits [ 1 | 1.5 | 2 ]
Rommon Mode
boot
dir flash:
flash_init
help
reset
set
unset variable
variable=value
Configuring ASA
The Config tab for the ASA offers four general levels of configuration: global, clientless vpn, switching, and interface. The global level, switching
and interface levels offer the same settings as a switch. Note that the Config tab provides an alternative to the CLI only for some simple, common
features; to access the full set of ASA commands that have been modeled you must use the CLI tab.
Throughout your configurations in the Config tab, the lower window will display the equivalent CLI commands for all your actions.
Clientless VPN
Clientless SSL VPN (WebVPN) allows for limited but valuable secure access to the network from any location. A remote client needs only an SSL-
enabled web browser to access http- or https-enabled web servers.
The Bookmark Manager is modeled after ASDM (Adaptive Security Device Manager). A bookmark is similar to a web browser bookmark which
contains a name/title and an URL.
The User Manager provides a GUI interface allowing bookmarks to be assigned to valid users. The users are created using ASA CLI command
username. When a user accesses the ASA via a browser, the ASA prompts for the username and password. After the authentication, if the user was
assigned a bookmark, the bookmark will be show to the user allowing access to the corresponding URL.
ASA
Packet Tracer uses a simplified model of the Cisco Adaptive Security Appliance Software. Click on the CLI tab in the ASA configuration window to
access the Cisco command line interface. Use the Copy and Paste buttons to copy and paste text to and from the command line. This page lists the
command tree for Packet Tracer ASA. The tree contains only command chains that are supported in Packet Tracer.
User Mode
enable [ <0-15> ]
exit
logout
quit
show
o version
traceroute [ ip | WORD ]
Enable Mode
configure [ terminal ]
copy
o disk0:
running-config
startup-config
tftp:
o flash:
running-config
startup-config
tftp:
o running-config
disk0:
flash:
startup-config
tftp:
o startup-config
disk0:
flash:
running-config
tftp:
o tftp:
disk0:
flash:
running-config
startup-config
dir
exit
logout
reload
show
o access-list
o activation-key
o arp
o clock
o crypto
isakmp [ sa ]
ipsec [ sa ]
map
o dhcpd
binding all
state
o disk0:
o file system
o flash:
o interface
inside
outside
Ethernet <0>/<0-7>
Vlan [<1-4090>]
ip brief
o ip address
o ipv6
access-list
interface brief
neighbor
route
o nat
o ntp status
o route
o running-config
o ssh
o startup-config
o switch vlan
o version
o vlan
o xlate
traceroute [ ip | WORD ]
Global Mode
aaa
o authentication
ssh
console LOCAL
telnet
console LOCAL
access-group [ WORD ]
o in [ interface ] [inside | outside ]
access-list [ WORD ]
o [ deny | permit ]
[A.B.C.D A.B.C.D A.B.C.D | any A.B.C.D A.B.C.D | host A.B.C.D A.B.C.D | object WORD A.B.C.D A.B.C.D
]
o extended
[ deny | permit ]
[A.B.C.D A.B.C.D A.B.C.D | any A.B.C.D A.B.C.D | host A.B.C.D A.B.C.D | object WORD A.B.C.D
A.B.C.D ]
class-map WORD
clock set hh:mm:ss [ MONTH | Day of Month] [ Day of Month | MONTH ] [ Year ]
configure terminal
crypto
o ikev1
policy [ 1-65535 ]
o ipsec
o map WORD
<1-65535>
set
dhcpd
domain-name [ WORD ]
end
exit
hostname WORD
http
o enable
o X:X:X:X::X/<0-128> [ inside | outside ]
interface
o Ethernet <0>/<0-7>
o Vlan <1-4090>
ipv6
o access-list WORD
[ deny | permit ]
[A.B.C.D A.B.C.D A.B.C.D | any A.B.C.D A.B.C.D | host A.B.C.D A.B.C.D | object WORD A.B.C.D
A.B.C.D ]
names
no
o aaa
authentication
ssh
console LOCAL
telnet
console LOCAL
o access-group [ WORD ]
o access-list [ WORD ]
[ deny | permit ]
[A.B.C.D A.B.C.D A.B.C.D | any A.B.C.D A.B.C.D | host A.B.C.D A.B.C.D | object WORD A.B.C.D
A.B.C.D ]
extended
[ deny | permit ]
[A.B.C.D A.B.C.D A.B.C.D | any A.B.C.D A.B.C.D | host A.B.C.D A.B.C.D | object WORD
A.B.C.D A.B.C.D ]
[ echo | echo-reply | unreachable ]
o class-map WORD
o clock set hh:mm:ss [ MONTH | Day of Month] [ Day of Month | MONTH ] [ Year ]
o configure terminal
o crypto
ikev1
policy [ 1-65535 ]
ipsec
map WORD
<1-65535>
o dhcpd
o domain-name [ WORD ]
o end
o exit
o hostname WORD
o http
[ WORD ] [ A.B.C.D ] [ inside | outside ]
enable
o interface
Ethernet <0>/<0-7>
Vlan <1-4090>
o ipv6
access-list WORD
[ deny | permit ]
[A.B.C.D A.B.C.D A.B.C.D | any A.B.C.D A.B.C.D | host A.B.C.D A.B.C.D | object WORD
A.B.C.D A.B.C.D ]
o names
o ntp
authenticate
authenticateion-key <1-4294967295> md5 WORD [ <0-4294967295> ]
trusted-key <1-4294967295>
tcp
tcp-udp
udp
o policy-map
WORD
o route [ inside | outside ] [ Hostname | A.B.C.D ] [ Hostname | A.B.C.D ] [ Hostname | A.B.C.D ] [<1-255>]
o setup
o ssh
o telnet
timeout <1-1440>
o tunnel-group [ WORD ]
general-attributes
ipsec-attributes
o webvpn
ntp
o authenticate
o trusted-key <1-4294967295>
o tcp
o tcp-udp
o udp
policy-map
o WORD
route [ inside | outside ] [ Hostname | A.B.C.D ] [ Hostname | A.B.C.D ] [ Hostname | A.B.C.D ] [<1-255>]
setup
ssh
o timeout <1-1440>
telnet
o timeout <1-1440>
tunnel-group [ WORD ]
o general-attributes
o ipsec-attributes
webvpn
exit
ip
o address
A.B.C.D A.B.C.D
dhcp
nameif [ WORD ]
security-level <0-100>
shutdown
exit
forward
ip
o address
A.B.C.D A.B.C.D
dhcp
ipv6
o route
nameif [ WORD ]
security-level <0-100>
shutdown
exit
match
o access-list [ WORD ]
o any
o default-inspection-traffic
exit
webvpn
vpn-tunnel-protocol ssl-clientless
description [ LINE ]
port-object
exit
Rommon Mode
address addr
boot args
clear
confreg value
dev
file name
gateway addr
help
history
interface name
reboot
reload
repeat arg
reset
server addr
set
show cmd
tftpdnld
unset varname
The Config tab offers two general levels of configuration: global and interface. To configure at the global level, click the GLOBAL button to expand
the Settings button (if it has not already been expanded). To configure an interface, click the INTERFACE button to expand the list of interfaces,
and then choose the interface.
Global Settings
In the global settings, you can change the Display Name of the Linksys WRT300N.
Algorithm Settings
In the Algorithm Settings, you can override the global Algorithm Settings by unchecking Global Settings and then set your own values for the
Half-Open Session Multiplier, Maximum Number of Connections, and Maximum Number of Opened Sessions.
Internet Interface Configuration
In the Internet settings, you can set the Internet port to automatically obtain IP configurations with DHCP, manually set IP configurations with the
Static setting, or configure PPPoE authentication.
LAN Interface Configuration
In the LAN settings, you can set the IP Address and Subnet Mask of the LAN interface.
Wireless Interface Configuration
In the Wireless settings, you can set the SSID, Channel, and Authentication. You may set the authentication to WEP, WPA-PSK, WPA2-PSK,
WPA, or WPA2. For WEP, you need to set the Key to a 10-digit hexadecimal value. For WPA-PSK and WPA2-PSK, the PassPhrase needs to be 8-
63 ASCII characters long and the Encryption Type can be set to AES or TKIP. For WPA and WPA2, you need to enter the IP Address and Shared
Secret of the RADIUS server and then select AES or TKIP for the encryption type.
Linksys WRT300N: GUI
The GUI tab offers the same configurations and settings as the Config tab with some additional features for access restrictions, port forwarding,
DMZ access, administration, as well as router and network status. Make sure you click on the Save Settings button at the bottom to apply the new
settings to the Linksys WRT300N before going to any other tab.
Setup Configuration
In the Setup tab under the Basic Setup sub-tab, you can set the Internet Connection Type to either automatically obtain IP configurations with
Automatic Configuration - DHCP, manually set IP configurations with Static IP , or PPPoE. You can also set the LAN IP configurations and
DHCP server settings under the Network Setup section.
Wireless Configuration
On the Wireless tab under the Basic Wireless Settings sub-tab, the only settings you can change are the Network Name (SSID) and the Standard
Channel.
Under the Wireless Security sub-tab, you can set the Security Mode to Disabled, WEP, WPA Personal, WPA Enterprise, WPA2 Personal, or
WPA2 Enterprise. Depending on the security mode that you select, you will need to enter a WEP key, passphrase and encryption type for
WPA/WPA2 Personal, or the RADIUS server IP address, shared secret, and encryption type for WPA/WPA2 Enterprise.
Under the Wireless MAC Filter sub-tab, you can setup a wireless MAC address filter list to permit or prevent wireless clients from accessing the
wireless network. To setup the wireless MAC filter, set the wireless MAC filter to Enabled and then select whether you want the MAC filter to
prevent the listed clients from accessing the wireless network or to permit only the listed clients from being able to access the wireless network.
Afterwards, begin entering the MAC addresses of the clients that you want to include in the MAC filter and then click the Save Settings button.
Security Configuration
On the Security tab, there are no additional viewable sub-tabs and there are no parameters that you can edit.
Access Restrictions Configuration
On the Access Restrictions tab under the Internet Access Policy sub-tab, you can apply various access restrictions policies on the connected hosts.
To add a policy to the router, first select a policy you would like to edit from the Access Policy drop-down menu and then Enter a Policy Name for
the policy. Then, set the Status to Enabled. Next, click on the Edit List button and enter the host IP addresses you would like to apply the policy on
in the List of PCs dialog that shows up. After editing the list, click on Save Settings and Close inside the dialog. Back in the Linksys GUI, select
Deny to restrict all applications or select Allow for specific application access restriction. If you select Allow, you can choose up to three
applications to block. To block an application, select the application from the Applications list and click on the >> button to add it to the Blocked
List. To unblock an application, select the application from the Blocked List and click on the << button. If you want to remove a policy, select the
policy from the Access Policy drop-down menu and click Delete This Entry.
Administration Management
In the Administration tab under the Management sub-tab, you can change the default password to access the router through the Linksys Web
Configuration using the Web Browser and toggle Remote Management. In addition to this, if you are logged in using the Linksys Web
Configuration, you can Backup and Restore Configurations.
Under the Factory Defaults sub-tab, the only available feature is Restore Factory Defaults. This will reset the configuration back to default
settings.
Under the Firmware Upgrade sub-tab, you can upgrade the firmware of the Linksys WRT300N. To upgrade the firmware, click on Browse, select a
valid firmware image from the dialog that shows up, and then click OK. Once you have selected a firmware, click on the Start to Upgrade button to
upgrade the firmware.
Status
On the Status tab under the Router sub-tab, you can view Router Information and Internet Connection configurations. You can Release and
Renew the IP address of the Internet port.
Under the Local Network sub-tab, you can view the Local Network and DHCP Server configuration. You can view the DHCP Client Table as
well.
Under the Wireless Network sub-tab, you can view the various wireless configurations on the router.
Configuring PCs, Laptops, Tablet PCs, and PDAs
You can configure the global settings and interface settings on the PC, laptop, tablet PC, and PDA end devices with the Config tab. Additionally, the
Desktop tab provides tools to configure IP settings, configure dial-up settings, use a terminal window, open a host command line interface, open a
web browser, configure Linksys wireless settings, establish a VPN connection, generate PDUs, and issue SNMP requests.
Global Settings
In the global settings, you can change the Display Name of the end device. You may set the end device to either automatically obtain IPv4 or IPv6
configurations with DHCP or manually set the Gateway and DNS Server with Static. For IPv6, Auto Config will automatically configure the
Gateway and DNS Server IP addresses.
Algorithm Settings
In the Algorithm Settings, you can override the global Algorithm Settings by removing the checkmark from Global Settings and then setting your
own values for the Maximum Number of Connections, Maximum Number of Opened Sessions, and Maximum Retransmission Timeout in
Milliseconds.
Interface Configuration
PCs and laptops support Ethernet (copper or fiber), modem, and wireless interfaces. On the tablet PC and PDA, only the wireless interface is
supported. In general, you can set the interface Port Status, Bandwidth, Duplex, MAC Address, SSID, IP Address, Subnet Mask, Link Local
Address, and IPv6 Address. These options vary slightly for each interface type.
IP Configuration Utility
On the Desktop tab, click the IP Configuration icon to bring up the configuration utility. If the end device is connected to a DHCP configured router
or server, you can use DHCP to automatically obtain the IP configuration by clicking on the DHCP button. Otherwise, you may use the Static button
to manually set the IP configuration.
Modem Dial-up Utility
On the Desktop tab, click the Dial-up icon to bring up the Dial-up utility. Before you can access the dial-up utility, the end device must have the
modem interface installed. As a result, only the PC and laptop devices are supported. You can establish a modem connection by connecting a PC or
laptop to a cloud that is connected to a router. The cloud acts like a phone company between the PC or laptop and the router. Several conditions must
be met before the connection can be successful:
The router has a modem, and you have established user name authentication on the router (using the Cisco IOS global configuration mode
command username WORD password LINE).
You entered the correct user name, password, and number to dial on the modem utility of the PC or laptop.
If all the requirements are met, click the Dial button to make the call. The status line (as well as link lights) will tell you if the connection is
successful. Note that you still must configure all relevant IP settings manually if you want to ping between the router and the PC or laptop. Use the
Disconnect button to terminate the connection at any time.
Terminal Utility
If the end device is connected to a router or a switch by a console connection (using the RS 232 port on the PC), use the Terminal application to gain
access to the Command Line Interface (CLI) of the device. In the Desktop tab, click the Terminal icon to bring up this utility. Choose the appropriate
port configuration parameters for the console session, and then click on the OK button. The Terminal window appears with the CLI of the device.
?
arp
delete
dir
ftp
help
ipconfig
ipv6config
netstat
nslookup
ping
snmpget
snmpgetbulk
snmpset
ssh
telnet
tracert
PC Wireless Utility
On the Desktop tab, click the PC Wireless button to bring up the wireless client software. Note that the Linksys-WMP300N wireless hardware
module is required for access so only PCs and laptops are supported. In the Linksys wireless client software, you can check Link Information to
view wireless network status and statistics, Connect to any available Linksys wireless networks within range, and add/edit/delete Profiles to connect
to wireless routers not broadcasting their SSID.
VPN Utility
On the Desktop tab, click the VPN button to bring up the VPN client utility that allows you to create a VPN connection to a VPN server. To create a
VPN connection, enter the GroupName, Group Key, Host IP (Server IP), Username, Password, and then click on the Connect button. To
disconnect the VPN connection, click on the Disconnect button.
Traffic Generator Utility
The Traffic Generator utility is similar in functionality to the Add Simple PDU and Add Complex PDU tool in the Common Tools Bar, but with
some key differences. First of all, when you load a save file, packets are not sent automatically by a Traffic Generator. The Traffic Generator utility
must be open to generate traffic, although it can be minimized. Another key difference is that the Traffic Generator is unable to send multiple PDUs
simultaneously.
Visually, the Traffic Generator is similar to the Add Complex PDU dialog with some exceptions. Instead of a One Shot parameter, the Traffic
Generator has a Single Shot option. There is no field to enter a time value to send the PDU as the PDU will be sent the moment you click on the
Send button. With the Periodic option, when you click on the Send button, the Send button will become a Stop button and the dialog will become
gray. The Traffic Generator will then send a PDU at the interval that you entered. If you want to stop sending PDUs, click on the Stop button or close
the utility.
PDUs generated by the Traffic Generator are not added to the User Created PDU
Window. As such, if you want to see if the PDUs failed or were successful, you will need
to view the PDU's status in Simulation Mode.
The Config tab offers three general levels of configuration: global, services, and interface. To configure at the global level, click the GLOBAL
button to expand the Settings button (if it has not already been expanded). To configure services, click the SERVICES button to expand the list of
services, and then choose the service. To configure an interface, click the INTERFACE button to expand the interface, and then choose the interface.
Additionally, the Desktop tab provides tools to configure IP settings, open a host command line interface, and generate PDUs.
Global Settings
In the global settings, you can change the Display Name of the server. You may set the server to either automatically obtain IPv4 or IPv6
configurations by selecting the DHCP button or manually set the Gateway and DNS Server using the Static button. For IPv6, Auto Config will
automatically configure the Gateway and DNS Server IP addresses and Static allows the data to be manually supplied.
Algorithm Settings
In the Algorithm Settings, you can override the global Algorithm Settings by removing the checkmark from Global Settings and then setting your
own values for the Maximum Number of Connections, Maximum Number of Opened Sessions, and Maximum Retransmission Timeout in
Milliseconds.
a
address
b
big
blockquote
body
br
center
cite
code
dd
dfn
div
dl
dt
em
font
h1
h2
h3
h4
h5
h6
head
hr
html
i
img
kbd
meta
li
nobr
ol
p
pre
qt
s
samp
small
span
strong
sub
sup
table
tbody
td
tfoot
th
thead
title
tr
tt
u
ul
var
Additionally, you can also add or remove HTML files from the server. When a PC accesses an HTML page on the server using the Web Browser, the
HTML page will load in the Web Browser.
DHCP Service Configuration
In the DHCP service configuration, you can set up a DHCP server with many different IP address pools. To add a DHCP pool, enter the Pool Name,
Default Gateway, DNS Server address, Starting IP address to lease, Subnet Mask, and the Maximum number of Users, then click Add. If you
want to make changes to an existing DHCP pool, select the pool from the list and edit the fields you want to make changes to, and then click Save. If
you want to remove a DHCP IP address pool from the server, select the pool from the list and click Remove.
The default DHCP pool serverPool cannot be modified or edited.
When you click on the DNS Cache button, you can view all of the queries cached by the DNS server. The cached queries will be retained on the
DNS server for a period of time (TTL) set on the record stored on the SOA DNS server.
SYSLOG Service Configuration
In the SYSLOG service configuration, there are no parameters to set. The SYSLOG service logs messages from routers and switches in the network.
For each entry, the Time, HostName, and the actual Message are logged in the server.
AAA Service Configuration
In the AAA service configuration, you can set up the server to be a RADIUS or TACACS server. To add a RADIUS or TACACS server, enter the
Client Name, Client IP, Secret key, select either Radius or Tacacs as the Type of AAA server, and then click on the + button. To remove a AAA
server, select the AAA server entry in the list and click on the - button. In addition to configuring the AAA server, you also need to add authorized
users. To add authorized users, enter the UserName and Password for the user and click on the + button. If you want to remove a user, select the user
from the list and click on the - button.
NTP Service Configuration
In the NTP service configuration, you can set up the server to be an NTP server so that the date and time on the configured routers and switches are
synchronized. By default, the date and time on the server is synchronized with your local machine. If you wish, you can manually set the time and
date by selecting the date on the calendar display and incrementing or decrementing the time display. You can also set up Authentication by clicking
on Enable and then entering a Key and Password.
Email Service Configuration
In the Email service configuration, you can set up the server to use the SMTP and/or POP3 protocol(s). To configure an email server, first enter a
Domain Name and then click the Set button. Next, enter a User name and Password then click the Add button to create an email account. To
change a password on an email account, select the desired email account from the list and click Change Password button. A dialog will appear
allowing you to enter the new password. To delete an email account, select the desired email account from the list and click the Delete button.
FTP Service Configuration
In the FTP service configuration, you can add and remove FTP accounts, modify FTP account permissions, and remove files from the FTP service.
To add an FTP account, enter a UserName and Password. Then, select which permissions you would like the user to have such as Write, Read,
Delete, Rename, and List. Finally, click the Add button to create the FTP account. To remove an FTP account, select the desired FTP account from
the list and click on the Delete button. If you want to remove files from the FTP service, select the desired file from the file list and click on the
Remove button.
Interface Configuration
Servers can support two interfaces. You can choose from Ethernet (copper or fiber), modem, or wireless interfaces. In general, you can set the Port
Status, Bandwidth, Duplex, MAC Address, IP Address, Subnet Mask, Link Local Address, and IPv6 Address. These options vary slightly for
each interface type.
IP Configuration Utility
On the Desktop tab, click the IP Configuration icon to bring up the configuration utility. If the end device is connected to a DHCP configured router
or server, you can use DHCP to automatically obtain the IP configuration by clicking on the DHCP button. Otherwise, you may use the Static button
to manually set the IP configuration.
?
arp
delete
dir
ftp
help
ipconfig
ipv6config
netstat
nslookup
ping
snmpget
snmpgetbulk
snmpset
ssh
telnet
tracert
Configuring Clouds
The Config tab offers three general levels of configuration: global, connections, and interface. To configure at the global level, click the GLOBAL
button to expand the Settings button (if it has not already been expanded). To configure connections, click the CONNECTIONS button to expand
the list of connections, and then choose the connection. To configure an interface, click the INTERFACE button to expand the list of interfaces, and
then choose the interface.
Global Settings
The only global setting available for a cloud is its display name.
TV Settings
The TV Settings sub-panel allows you to manage TV images that would be displayed on a connected TV end device. To add a TV image, click the
Browse button and select an image. It is recommended that you use .PNG graphics. Afterwards, click the Add button to add the image to the list of
TV images. To remove a TV image, select the TV image from the list and click the Remove button.
Connection Settings
You can use the Frame Relay sub-panel to establish Frame Relay connections between sub-links on the ports of the cloud. Configure DLCIs on the
serial interfaces first, explained in a later section. Then, from the left Port drop down menu, choose a port and in the Sublink drop down menu, one
of its sub-links. Then from the right Port drop down menu, choose another port and one of its sub-links. Click the Add button to make a connection
between those two sub-links. The connection will now appear on the list. You can remove a connection from the list with the Remove button.
You can also use the DSL or Cable sub-panel to establish connections between modem ports (for DSL) or coaxial ports (for Cable) on the cloud to
the Ethernet ports on the cloud. To establish a DSL connection, choose the appropriate modem port on the left-side drop down menu and on the right-
side drop down menu choose an Ethernet port, which has its Provider Network set to DSL. Click the Add button to make the connection. You can
remove a connection from the list with the Remove button. To establish a Cable connection, choose the appropriate coaxial port on the left-side drop
down menu and on the right-side choose an Ethernet port which has its Provider Network set to Cable.
Interface Configuration
Clouds can support four interface types: modem, Ethernet, coaxial, and serial. For a modem port, you can set a Phone Number, which another
device with a modem port can dial. For an Ethernet port, you can set the Provider Network to either DSL or Cable. For a coaxial port, there are no
settings to configure. For a serial port, you can toggle its Port Status, choose an LMI (ANSI, Cisco, or Q933a), and assign DLCIs to the interface.
To add a DLCI, enter an identifying number and a name for it, and then click the Add button to add it to the list. You can remove a DLCI from the
port with the Remove button.
Configuring Other Devices
The configuration options for all other devices are relatively simple. In general, you can change their display names in their global settings sub-panel
and make changes to basic settings on each interface.
Bridges
A bridge is basically a simplified two-port switch. It does not have VLAN or trunking functions. The available settings for its two Ethernet ports are
Port Status, Bandwidth, and Duplex.
Repeaters
A repeater is a simple two-port device that regenerates the signal it receives on one port and forwards it out the other port. Its port settings cannot be
modified.
Hubs
A hub is a multiport repeater that regenerates the signal it receives on one port and forwards it out all other ports except the incoming port. Its port
settings cannot be modified.
Coaxial Splitter
A coaxial splitter is a simple three-port device that splits the signal so that multiple devices can connect to the same coaxial line.
Access Points
An access point is modeled as a repeater with one wireless port and one Ethernet port. In the settings for the wireless port, you can toggle the Port
Status, set the SSID, Channel, and Authentication. You may set the authentication to WEP, WPA-PSK, or WPA2-PSK. For WEP, you need to set
the Key to a 10-digit hexadecimal value. For WPA-PSK and WPA2-PSK, the PassPhrase needs to be 8-63 ASCII characters long and the
Encryption Type can be set to AES or TKIP. The available settings for an access point's Ethernet port are Port Status, Bandwidth, and Duplex.
Printers
The printer has the same configuration options as a PC excluding Algorithm Settings and desktop utilities.
7960
The 7960 IP Phone does not have any configurable options. In the GUI tab, you can place a call, answer a call, and send Do, Re, and Mi notes to the
recipient phone. To place a call enter the recipient's line number first using the keypad and then click on the handset to dial out. Alternatively, you
can pickup the handset first and then dial the number to place a call. To answer a phone call on the analog phone, click on the handset when the
phone is ringing. While the line is connected, you can send Do, Re, or Mi to the recipient by pressing the respective buttons. In order to hear the
sounds, be sure Sound is enabled in Preferences. To end a call, click on the handset.
Home VoIP
The Home VoIP only has Server Address configuration.
Analog Phone
The Analog Phone does not have any configurable options. In the GUI tab, you can place a call, answer a call, and send Do, Re, and Mi to the
recipient phone just like on the 7960 IP Phone.
TV
The TV can only be turned on or off.
DSL Modem
The DSL modem does not have any configuration options.
Cable Modem
The cable modem does not have any configuration options.
Keyboard Shortcuts
Many actions in Packet Tracer are keyboard-accessible for your convenience. In addition to key combinations, the following keys deserve extra
attention:
Alt: Press this key to activate the Menu Bar options. Press Alt plus the underlined letter in the in the menu bar to open the menu. Then press
the underlined letter in the command name that you want. In fact, whenever you see an underlined letter in any option or dialogue, you can press
that key to select it.
Ctrl: Use this key to quickly create multiple devices and connections. Press and hold the Ctrl key, choose a specific device or a connection
type, and then release the key. You can now quickly place multiple instances of that device on the workspace or make multiple connections of
that type between devices. Alternatively, you can press and hold the Ctrl key and drag a device on the workspace to duplicate the device. The
Ctrl key can also be used to prevent windows from docking (press and hold the key as you drag a window).
Shift: Use this key with the mouse to select multiple objects. Press and hold the Shift key, click and drag the cursor to draw a selection
rectangle around the objects you want to select, and then release the key. Alternatively, you can hold Shift, click on all the devices you want to
select, and then release the key. You can move the selected objects as one unit. You can also delete them with the Del key.
Esc: This key is a shortcut to the Select tool in the Common Tools Bar. It also serves as a "cancel" key. It closes certain pop-up windows or
cancels/stops the current action (e.g., continuously placing devices or continuously making connections).
Shortcut Action
Ctrl + N Start a New network.
Ctrl + O Open an existing network.
Ctrl + Shift + T Open Samples.
Ctrl + S Save the current network.
Ctrl + Shift + S Save the current network to a different name and/or directory (Save As).
Ctrl + Alt + Z Save As Pkz.
Ctrl + P Print the current network.
Alt + F4 Exit Packet Tracer.
Ctrl + N New Text Editor File (Valid in PC Desktop and Server Desktop)
Ctrl + O Open an existing Text Editor File (Valid in PC Desktop and Server Desktop)
Ctrl + S Save the current Text Editor File (Valid in PC Desktop and Server Desktop)
Keyboard Shortcuts
Many actions in Packet Tracer are keyboard-accessible for your convenience. In addition to key combinations, the following keys deserve extra
attention:
Alt: Press this key to activate the Menu Bar options. Press Alt plus the underlined letter in the in the menu bar to open the menu. Then press
the underlined letter in the command name that you want. In fact, whenever you see an underlined letter in any option or dialogue, you can press
that key to select it.
Ctrl: Use this key to quickly create multiple devices and connections. Press and hold the Ctrl key, choose a specific device or a connection
type, and then release the key. You can now quickly place multiple instances of that device on the workspace or make multiple connections of
that type between devices. Alternatively, you can press and hold the Ctrl key and drag a device on the workspace to duplicate the device. The
Ctrl key can also be used to prevent windows from docking (press and hold the key as you drag a window).
Shift: Use this key with the mouse to select multiple objects. Press and hold the Shift key, click and drag the cursor to draw a selection
rectangle around the objects you want to select, and then release the key. Alternatively, you can hold Shift, click on all the devices you want to
select, and then release the key. You can move the selected objects as one unit. You can also delete them with the Del key.
Esc: This key is a shortcut to the Select tool in the Common Tools Bar. It also serves as a "cancel" key. It closes certain pop-up windows or
cancels/stops the current action (e.g., continuously placing devices or continuously making connections).
Shortcut Action
Ctrl + N Start a New network.
Ctrl + O Open an existing network.
Ctrl + Shift + T Open Samples.
Ctrl + S Save the current network.
Ctrl + Shift + S Save the current network to a different name and/or directory (Save As).
Ctrl + Alt + Z Save As Pkz.
Ctrl + P Print the current network.
Alt + F4 Exit Packet Tracer.
Ctrl + N New Text Editor File (Valid in PC Desktop and Server Desktop)
Ctrl + O Open an existing Text Editor File (Valid in PC Desktop and Server Desktop)
Ctrl + S Save the current Text Editor File (Valid in PC Desktop and Server Desktop)
Time Constants
ICMP 1 ms
Packet Tracer simulates the behavior of real networks and devices using models. As with all simulations, the program is inherently limited by
modeling decisions. The following pages describe how protocols, features, and functions are modeled in Packet Tracer. Refer to these models if you
find discrepancies between real-world situations and Packet Tracer simulations. Packets captured from real networks remain the benchmark for
understanding networking protocols and devices. You are encouraged to compare and contrast the behavior of the protocol and device models used in
Packet Tracer with such captured packet data from real networks.
Layer 1 Models
If two or more ports receive frames at the same time, a collision occurs and the hub forwards a jam signal to all ports.
If one port receives a frame, the hub forwards the frame to all ports except the receiving port.
Authentication methods are none and WEP. WEP requires a 10 digit hex key. The authentication method and configuration must match on
both the wireless client and wireless server in order for them to be associated.
An antenna's coverage area is set to a specific area and cannot be changed. The signal strength based on distance is not calculated modeling
real physics.
Layer 2 Models
It compares the receiving port's type (trunk or access) to the frame's format.
The port is an access port while the frame has a Dot1q encapsulation format.
The port is a trunk port and the frame is not a Dot1q frame.
It drops the frame if the receiving port is a blocking port and the frame is not an STP frame.
It gets the frame's destination VLAN number from the VLAN tag in the Dot1q header.
If the frame's source MAC address is in the MAC table, it resets the entry's timer.
If not, it creates a new MAC entry in the table and starts a timer for it. When the timer expires (5 min), it
removes the entry.
If that VLAN is not configured, the switch broadcasts the frame to all trunk ports (except the receiving port) that allow
that VLAN number.
o If the receiving port is an access VLAN (the frame is destined for that VLAN), it continues to process it. It sends it to a higher process
if (any):
The frame's destination MAC address matches the active VLAN interface's MAC address.
It tries to find the active VLAN interface that is up, and then sends it out that interface.
If it cannot find such an interface, it finds the first VLAN that is allowed in the trunk that is configured on the switch.
If it can find such an interface, it encapsulates the frame with a Dot1q header with that VLAN number tag and
sends it out to the trunk.
o If the outgoing port is the same as the incoming port, it drops the frame.
If the trunk port allows the tag in the frame, it sends the frame.
If the trunk port does not allow the frame's tag, it drops the frame.
If the trunk port allows the VLAN that the frame is destined for:
The switch encapsulates the Ethernet frame with a Dot1q header and sends it out the trunk port.
If the trunk port does not allow the VLAN that the frame is destined for, it drops the frame.
If the frame's tag is the same as the port's VLAN, it de-encapsulates the frame (to an Ethernet frame) and sends
it out.
If the frame's destination tag is different from the port's VLAN number, it drops the frame.
If the receiving port's VLAN is the same as the outgoing port's VLAN, it forwards the frame.
If not, it drops the frame.
It checks if the destination VLAN is allowed in that port. If so, it sends the frame out that port with the appropriate format (see
the unicast frame sending logic).
If the destination VLAN is not allowed, or if the port is the same as the receiving port, the switch will not forward the frame
out that port.
Packet Tracer does not implement the process where each station continuously senses the channel.
The program assumes that if a jam signal is not received, the medium is available for transmission.
The program does not fragment a CPDU. Therefore, the Ethernet process only has to remember the previous PDU in the case of
retransmission due to collision.
The program does not implement the propagation time t from one end of a medium to the other. This forces all frames to take 2t to send.
The program implements the binary exponential back-off algorithm (IEEE 802.3):
o In the first collision, each station chooses either the 0 or the 1 slot time.
o In the event of a second collision, each station picks from four possible slot times: 0, 1, 2, 3.
o In the event of a third collision, each station randomly chooses a slot time from 0 to (2^3 - 1), or 0 to 7.
o In the event of further collisions (from the 4th to the 15th collision), each station randomly chooses a slot time from 0 to (2^i - 1),
where i is the number of collisions.
o The frame is discarded after the 16th retry
The STP is a technology that allows switches and bridges to communicate with each other to prevent loops in the network.
When a switch/bridge is added to a network, it sends out Bridge Protocol Data Units (BPDU) announcing itself as root.
Non-root switches/bridges mark the port closest to the root as root port. Every non-root switch/bridge will select one root port.
o If the port has the lowest root ID, it becomes the designated port.
o If the port has the lowest path cost to the root, it becomes the designated port.
o If the port has the lowest send ID, it becomes the designated port.
o If the port has the lowest port ID, it becomes the designated port.
Ports not marked as root or designated are marked as blocked. Additionally, in RSTP mode, if a port on a switch is connected to the switch
itself, it is marked as a backup port, otherwise it is marked as an alternate port.
The root bridge in the STP will periodically send BPDUs out while non root bridges will forward these frames when it is received.
In the RSTP, all bridges periodically send BPDUs out with their current information.
o If the migration delay has expired, change the port to run in the STP mode.
If the frame does not contain superior information, the switch drops the frame. The information is superior if it contains lower
root ID, lower root path cost, lower bridge ID, or lower port ID.
Records the superior information and selects new root bridge and designated port if necessary. If the device was the root, sends
a TCN BPDU through the root port.
If the BPDU is received on the root port, forward the frame out through designated ports.
If the frame is received on a non-designated port, the switch drops the frame.
If the device is the root, the switch sets topology change flag to true in the BPDU.
If the device is not the root, the switch forward the frame out through root port.
If the frame is an agreement frame, set the port to forwarding state and make it designated.
o If the port has root guard enabled, block this port and mark it as inconsistent.
o Otherwise:
If the frame is from myself, block this port and mark it as a backup port.
Otherwise make the received port the new root port and block all other non edge ports.
Send out a reply with the same information as the received BPDU but with the agreement flag set.
o If the information is from our root port, check for a better root port.
o Otherwise:
If my root path cost is lower than the received root path cost, set my port to be designated forwarding.
If my bridge ID is lower than the received bridge ID, set my port to be designated forwarding.
If my port ID is lower than the received port ID, set my port to be designated forwarding.
If my port ID is higher than the received port ID, set my port to be backup blocking.
If port security is on and the receiving port is not in dynamic mode port security processes the frame.
o It sets the last source MAC address and VLAN on the port from the received frame information.
o If any Mac entry exists with the same source MAC address:
If the interface of the MAC entry is the same as the receiving interface and same VLAN as the receiving interface, the frame
passes port security.
Otherwise
If the MAC entry is a dynamic entry then removes the dynamic entry and:
If the maximum allowed secure MAC addresses is reached it drops the frame and goes to the violation mode.
If the maximum allowed secure MAC addresses is not reached the frame passes the port security process.
If the MAC entry is a static entry then it applies the violation mode because another port in the same VLAN has the
same static MAC address.
o If MAC entry with the same source MAC does not exist:
If the maximum allowed secure MAC addresses is reached, drops the frame
If the frame passes the security process and the sticky MAC address is on, on the received interface, the MAC entry gets added to the MAC table as a
static entry.
A switch port can be configured with secure MAC addresses even if the port's line protocol is down.
When the port's line protocol changes from down to up, if there is a list of secure MAC addresses for the port waiting to be added to the MAC table,
the port security checks the MAC entries with the same VLAN address as the current port.
If there is the same MAC address on the current port which is an sticky MAC, port security deletes the secure MAC from the list and does not
add it to the MAC table.
If the MAC address does not exist in the MAC table, then it adds a MAC entry for that secure MAC to the MAC table.
If the port is configured with dynamic administrative mode and nonegotiate is not on.
When the switch port on the other side of the link receives the DTP update it (flowchart here):
If the port is dynamic and is not in the nonegotiate state it processes the frame.
o If the same MAC entry (with the same source MAC address as the received frame) exists on the receiving port then restart the timer
for that entry.
DTP process updates the port's operational mode based on the received DTP port status.
o Otherwise it adds a new MAC entry to the MAC table and sets a timer for it.
DTP process updates the port's operational mode based on the received DTP port status.
If the number of neighbors on that port which are sending DTP frames is more than one or is equal to zero
If remote neighbor's port is in the administrative mode of desirable or trunk set the operation mode of local port to trunk.
Otherwise, set operation mode to static access.
If remote neighbor's port is in administrative mode of desirable or trunk or auto set the operation mode of local port to trunk.
Otherwise, set operation mode to static access.
o If the local port's administrative mode is access then drop the frame and do not process any DTP frames.
o If the domain name on the VTP frame does not match the switch's, then drop the frame and stop.
o If the switch's domain name is set and the one in the VTP frame is different, then drop the frame and stop.
o If the switch's domain name is not set, then set the domain name to be the one in the VTP frame, and recalculate MD5.
o If the MD5 in the VTP frame does not match the on the switch, then drop the frame and stop.
o If the version is different, then take the one in the VTP frame.
o If the config revision in the VTP frame is smaller than the one on the switch:
o If the config revision in the VTP frame is larger than the one on the switch:
o If the domain name on the VTP frame does not match the switch's, then drop the frame and stop.
o If not expecting a Subset Advertisement, then drop the frame and stop.
o If the config revision in the VTP frame is different than the expecting one, then drop the frame and stop.
o If the sequence number in the VTP frame is different than the expecting one, then drop the frame and stop.
If it does not receive a keepalive from the other end for a certain period of time, it brings down the line protocol.
If the interface is configured to not use keepalives, it would bring up the line protocol even if it does not receives keepalives from the other
end.
o If the partnerDevice in the etherchannel portData matches the partnerDevice in the received frame
Negotiation is successful and the port is changed either to trunk or access mode
o Send the packer to the next highest layer for further processing
If no method is selected, uses source Mac address as the load balance method.
The frame is then sent to the lower layer for further processing.
It supports IPv4 and IPv6 routing protocols such as RIP, EIGRP, and OSPF.
Each physical interface can be independently configured to be switched or routed ports. Switched ports are layer 2 ports that allow only layer
2 configurations and functionalities. Routed ports allow layer 3 functionalities just like a port on a router. They are switched ports by default.
If it does not receive a keepalive from the other end for a certain period of time, it brings down the line protocol.
If the interface is configured to not use keepalives, it would bring up the line protocol even if it does not receives keepalives from the other
end.
PPP requires authentication before a connection is made. The authentication types available in Packet Tracer are none, PAP, and CHAP.
Each side of the connection can use different authentication methods, but the other end must support them.
The authentication type set on one side is the authentication type required on the other side.
Setting authentication to none means allow the other side to authenticate without any username or password checking.
Both PAP and CHAP use a username and password to authenticate the other side. CHAP provides a stronger encryption and authentication
method.
o Discovery stage:
There are four steps to the Discovery stage. When it completes, both peers know the PPPoE SESSION_ID and the peer's
Ethernet address, which together define the PPPoE session uniquely.
Based on the configuration on server side it may need to authenticate the client through:
No authentication needed.
PPP frame, PPPoE frame adding the session id to the id field of PPPoE header, and Ethernet frame (destination MAC
address of server)
If the session ID matches one of the client's that the server has negotiated with, it de-encapsulates the packet and send it to PPP
for future processing.
o When server receives a PPPoE frame, it checks the received PPPoE session ID and if session ID is known:
If packet is destined for a particular client that a session has been negotiated with:
It encapsulates the packet in PPP and PPPoE frames with the particular session ID and sends it to the client
A Frame Relay PVC is a logical link whose endpoints and class of service are defined by network management. A PVC consists of the
originating Frame Relay network element address, originating data-link control identifier, terminating Frame Relay network element address, and
termination data-link control identifier. "Originating" refers to the access interface from which the PVC is initiated. "Terminating" refers to the
access interface at which the PVC stops. Many data network customers require a PVC between two points. DTE that needs continuous
communication uses PVCs.
LMI virtual circuit status messages provide communication and synchronization between Frame Relay DTE and DCE devices. These
messages are used to periodically report on the status of PVCs, which prevents data from being sent into black holes (that is, over PVCs that no
longer exist).
Frame Relay Inverse ARP can be used as a method of building dynamic routes in Frame Relay networks running IP. Inverse ARP allows the
communication server to discover the protocol address of a device associated with the virtual circuit. Inverse ARP is used instead of the frame-
relay map command which allows you to define the mappings between a specific protocol and address and a specific DLCI. Inverse ARP is not
needed for a point-to-point interface because there is only a single destination and discovery is not required.
Frame Relay subinterfaces provide a mechanism for supporting partially meshed Frame Relay networks. Most protocols assume transitivity
on a logical network; that is, if station A can talk to station B, and station B can talk to station C, then station A should be able to talk to station C
directly. Transitivity is true on LANs, but not on Frame Relay networks unless A is directly connected to C.
Configuring Frame Relay subinterfaces ensures that a single physical interface is treated as multiple virtual interfaces, which allows you to
overcome split horizon rules. Packets received on one virtual interface can be forwarded to another virtual interface, even if they are configured
on the same physical interface. Subinterfaces address the limitations of Frame Relay networks by providing a way to subdivide a partially
meshed Frame Relay network into a number of smaller, fully meshed (or point-to-point) subnetworks. Each subnetwork is assigned its own
network number and appears to the protocols as if it is reachable through a separate interface.
When a Frame Relay Cloud receives a frame, it looks up the connection created by the user. If a connection is found, the Cloud forwards the
frame out the port specified in the connection. If the connection is not found, the frame is dropped. When a router receives a frame, it looks up
the DLCI specified in the frame. If the DLCI is mapped to an interface, the frame is passed to that interface. If the DCLI is mapped to an
interface, the frame is dropped by the router.
How Cable/DSL Works
DSL
o A digital subscriber line (DSL) connection is a high-speed connection that uses the same wires as a regular telephone line. DSL
services are dedicated point-to-point network access over twisted-pair copper wire on the local loop between a network service provider's
central office and the customer site.
o DSL circuits connect DSL modems to a digital subscriber line access multiplexer (DSLAM) creating three data channels: a high-speed
downstream channel, a low-speed upstream channel, and a basic telephone service channel. The DSLAM (the cloud) provides one of the
main differences between DSL and cable modems. Because cable-modem users generally share a network loop that runs through a
neighborhood, adding users means lowering performance in many instances. ADSL provides a dedicated connection from each user to the
DSLAM. Therefore, users won't see a performance decrease as new users are added.
o A DSL Modem can be used to connect to a modem port defined in the Cloud using telephone wire. Another device (such as a PC or a
router) is connected to Ethernet port on the DSL Modem. The DSL Modem acts like a bridge forwarding traffic from one port to the other
port.
Cable
o In a cable TV system, signals from the various channels are each given a 6-MHz slice of the cable's available bandwidth. When a
cable company offers internet access over the cable, data can use the same cables because the cable modem system puts downstream data
into a 6-MHz channel. Thus Internet downstream data takes up the same amount of cable space as any single channel of programming.
Upstream data uses 2-MHz channel.
o Just like DSL, high-speed cable requires a modem at the customer end and a cable modem termination system (CMTS) at the provider
end. CMTS (the Cloud) functions like DSLAM in a DSL environment. The CMTS takes the traffic coming in from a group of customers on a
single channel and routes it to an Internet service provider for connection to the Internet. A CMTS enables many connections to the Internet
through a single 6-MHz channel. A single channel is capable of up to 40 Megabits per second of total throughput.
o Unlike DSL, data channels to CMTS are shared. If these channels are saturated with user traffic, the theoretical bandwidth may not be
achieved. However, this particular performance issue can be resolved by the cable company by adding a new channel and splitting the user
base. Another difference between DSL and cable is that the downstream information flows to all connected users. It is up to the individual
network connection to decide whether a particular block of data is intended for it or not. On the upstream side, information is sent from the
user to the CMTS directly without other users seeing it.
o A Cable Modem can be used to connect to a coax port defined in the Cloud using coaxial wire. Another device (such as a PC or a
router) is connected to an Ethernet port on the Cable Modem. The Cable Modem acts like a bridge forwarding traffic from one port to the
other port.
ISP
o Multiple Ethernet ports can be added to the Cloud emulating ISP networks.
o Multiple modem ports can be mapped to a single Ethernet port that is defined to use DSL as the provider network.
o Multiple coax ports can be mapped to a single Ethernet port that is defined to use Cable as the provider network.
o For DSL connections, traffic received on a modem port will be forwarded to the corresponding Ethernet port. Traffic received on an
Ethernet DSL port will be forwarded to the correct DSL modem.
o For Cable connections, traffic received on a coax port will be forwarded to the corresponding Ethernet port. Traffic received on an
Ethernet Cable port will be forwarded to all coax ports connected to that Ethernet port.
Layer 3 Routing Models - RIPv1 RIPv2 EIGRP OSPF
RIP-enabled.
Not RIP-passive.
RIP versions
The router deals with RIP packets differently depending on what version of RIP it is running.
o Send broadcasts.
If it is running RIPv2, it can:
o Send multicasts.
o Send broadcasts.
The router sends regular updates every 30 seconds. The update contains all of the information in the routing table.
The router sends triggered updates only when a route has changed or an interface changes state (up or down).
o The incoming port does not have a valid IP address or is not RIP-enabled.
Create a RIP response packet, which contains information about a route or the entire routing table (depending on the
request).
o Look through each RIP route portion of the packet (the portion from address family identifier, or AFI, to the metric). A RIP packet can
contain up to 25 RIP route portions.
o For new routes, ignore the route portion if the metric is now 16.
o If the packet contains information about a network that does not exist in the RIP database, it is added to the database.
o If a network already has an entry in the RIP database, update it with the latest information.
o Send out new and updated routes on the next triggered update.
It checks to see if the EIGRP process for the autonomous system that is specified in the packet is enabled.
o The packet does not come from the same subnet as the receiving interface.
If so, then it removes the acknowledged packet from the neighbor's output queue.
Otherwise, it checks the sequence number on the packet and the neighbor's last heard sequence number.
If the sequence number on the packet is larger than the last heard, then update the last heard.
If the sequence numbers are the same or the one on the packet is smaller than the last heard, then it drops
the packet.
If so, it removes the acknowledged packet from the neighbor's output queue.
If there are not, then it sends an Acknowledgment packet back to the neighbor.
It checks if the packet is an Update packet. If so, then it processes the Update packet.
It checks if the packet is a Query packet. If so, then it processes the Query packet.
It checks if the packet is a Reply packet. If so, then it processes the Reply packet.
It checks if the Hello packet has matching K values as the EIGRP process.
o If not, then it removes the neighbor from the router's neighbor table.
o If not, it adds the new neighbor to the neighbor table, and sends a full update of its topology table to the new neighbor.
It checks if updating the topology table does not cause the process to query other neighbors.
If it does not, then reply the best route to the queried neighbor.
It checks if the replied route is better than the best heard in the reply table.
o If so, then it replaces the best heard in the reply table with the replied route.
It replies to all queried neighbors with the best-heard route from the reply table.
It gets the old best route and old best metric to the network.
It gets the new best route and new best metric to the network.
If there is no neighbor to query, then it removes the network from topology and routing table.
o If the new best route is feasible, then it adds all successors for the network to the routing table.
Update neighbors.
It checks to see if an OSPF process is enabled on the port that received the packet.
o The packet does not come from the same subnet as the receiving interface.
o The packet is for (backup) designated router and the router is not.
o The receiving interface does not have the same area id as indicated in the packet.
It checks if the packet is a Database Description packet (DDP). If so, then it processes the DDP.
It checks if the packet is a Link State Request (LSR) packet. If so, then it processes the LSR.
It checks if the packet is a Link State Update (LSU) packet. If so, then it processes the LSU.
It checks if the packet is a Link State Acknowledgment (LSAck) packet. If so, then it processes the LSAck.
o If not, then it prints out a warning message and drops the packet.
o If not, it adds the new neighbor to the neighbor table and sets the neighbor state to 2-WAY.
The underlying network is broadcast and the router itself is designated router, backup designated router, the
neighboring router is designated router, or the neighboring router is backup designated router.
o If not, then it performs designated router election after wait timer expires.
If the state is start, the master/slave relationship is formed based on router ID. The neighbor state is updated to exchange.
During the exchange state, the OSPF process goes through all the link state advertisement (LSA) headers stored in the packet. If the router
does not have the LSA described in the header, it stores the header in the queue.
If there are no more DDPs, the neighbor state transitions to loading. The headers stored in the queue are used to generate LSRs.
When an OSPF process processes a Link State Request (LSR) packet (flowchart here):
It looks up its Link State Database and puts the information in the Link State Update (LSU) packet and sends to the adjacent neighbor.
After all the corresponding LSUs are received for the LSRs, the neighbor state transitions to full.
When an OSPF process processes a Link State Update (LSU) packet (flowchart here):
It validates the LSA's checksum. If the checksum is invalid, discard the LSA.
It checks the LSA's type. If the type is unknown, discard the LSA.
It checks the LSA's age. If the age is equal to maximum allowed value and there is currently no instance of the LSA in the router's database,
and none of router's neighbors are in states exchange or loading states, then the router sends an acknowledge.
If the LSA is the same instance as the database copy, and the LSU is not used as an implied acknowledgment, send a LSAck to the neighbor.
If the database copy is more recent, discard the LSA without acknowledging it.
When an OSPF process processes a Link State Acknowledgment packet (flowchart here):
It checks neighbor's state. If the neighbor is in a lesser state than exchange, discards the packet.
It checks if the acknowledgment is for an instance of a LSA stored in the retransmission list for the neighbor. If yes, the OSPF process
removes the LSU from the retransmission list.
When an OSPF process updates the routing table with a route (flowchart here):
All routers in the same autonomous system belonging to the same area should have identical database.
After a LSA has been added to the database, the OSPF process starts a timer. The router performs shortest path first (SPF) calculation after the
timer expires. The SPF algorithm uses LSAs stored in the database to generate OSPF routes. The routes are added to the routing table.
o Router checks for that specific type of the route in its routing table
If any exists that matches the redistribution command it will add the route to the destination protocol’s database or topology
table and sends out an update to its neighbors for that route.
If there is not any matching route in the routing table, it checks back the routing table for the newly receiving routes. If any
matches the command it will add it to the destination protocol’s database and sends out an update for that route to its neighbors.
If route which matches the redistribution command’s protocol gets deleted from the routing table the router sends out an update
to its neighbor and announces that specific route’s status as down.
o The router marks the metric of the matching routes as unreachable and sends an update to its neighbor about that route.
Once an interface comes up or a network commands gets added to any routing protocols.
o Router checks whether a redistribution command is configured. If there is any configured it will send an update out of that interface.
The CEF cache table contains entries matching destination networks to next hop IP address, next hop layer 2 information, and outgoing
interface.
The CEF cache table is built from lookups in the routing table and IP address to layer 2 information.
When packets are needed to be sent out, whether receiving from an interface or sending from the local device, it looks up the destination
network in the CEF cache table first.
If it is found, it uses that information to encapsulate and modify the frame and sends it out.
If it is not found, it uses process routing, which is same as looking up routing table and passing to lower layer for layer 2 encapsulation. It also
records the information in the cache table when the layer 2 information is complete.
Routing in IPv6 works the same way as in IPv4 with "ip classless" enabled, which is always enabled in Packet Tracer.
Display of routing table in IPv6 does not group networks together as in different classes in IPv4.
Multiple instances of RIP can be run at the same time on the same device.
EIGRPv6 and OSPFv3 work the same way as in IPv4 except the router-id's are still using IPv4 addresses. They can be either automatically
chosen from the assigned IPv4 addresses on the device or manually configured for the routing protocol instance.
Negotiate holdtimes, using the smaller of the neighbor's and this router's hold time.
o Set withdrawn route in neighbor's incoming routing information base table to be unfeasible
o If new route:
Run decision process to pick best routes to the main routing information base and install routes to the routing table
Run decision process to pick best routes to the main routing information base and install routes to the routing table
o If network is not installed in the main BGP routing information base table
If network is reachable
If route is not already installed, add route to routing table if not there
o Verify route is loop free (AS Path does not go through local AS)
o If synchronization is enabled, verify the route's next hop is reachable through an IGP
o If the route is the best route available, add route to routing table if not there
Remove all unfeasible routes from the main routing information base and send withdraws if necessary
IP version 4 is modeled.
IP addresses are 32 bits long, and displayed using the dot-decimal notation, where each octet or byte of the IP address is displayed in decimal
number and separated by a dot.
All class A, B, and C addresses (1.0.0.0 to 224.255.255.255) except loopback addresses (127.0.0.0 to 127.255.255.255) can be assigned to
ports.
All IP packet fields are displayed in the PDU details. However, only the following four fields are used: Destination IP Address, Source IP
Address, TTL, and Protocol.
The Protocol field in the IP packet identifies the layer 4 PDU. When a device sends an IP packet, it places the value corresponding to the layer
4 process or service in the Protocol field. When a device receives an IP packet, it dispatches the layer 4 PDU to a process or service
corresponding to the value of the Protocol field.
IP addresses are 128 bits long, and displayed as eight groups of four hexadecimal digits separated by colons.
There are no classes of addresses in IPv6. Each address assignment has an address and a prefix in the format with / followed by the prefix
length of the network.
All IPv6 packet fields are displayed in the PDU details. However, only the following four fields are in used: Destination IPv6 Address,
Source IPv6 Address, Hop Limit, and Next Header.
The Next Header field in the IPv6 packet identifies the layer 4 PDU or the next option in the IPv6 header. When a device sends an IPv6
packet, it places the value corresponding to the layer 4 process or service in the Next Header field. When a device receives an IPv6 packet, it
dispatches the layer 4 PDU or the IPv6 header to a process or service corresponding to the value of the Next Header field.
It checks to see if it has recently sent an ICMP message with the same identification as the received ICMP message.
If the packet is a Neighbor Solicitation, the process executes the following actions:
o If the destination IPv6 address doesn’t match with the receiving interface’s IPv6 address:
If there is an entry already exists in the ARP table, the entry will be updated with the information in the packet.
o If matched,
If the host device is not a switch, the process will update the ARP table with information from the packet (source IPv6 address,
source MAC address).
Then ND process creates an ARP Reply packet that contains its MAC address and sends to the source device.
If the packet is a Neighbor Advertisement, the process executes the following actions:
The device’s ARP process will updates the ARP table with the received information.
If there are buffers contained in the received packet, the ARP process takes out these buffers and resends them.
It the packet is a Router Solicitation, the process executes the following actions:
o It will drop the packet if the message is a not valid Router Solicitation. A valid Router Solicitation message must meet the following
conditions:
ICMP code is 0.
If the IP source address is the unspecified address, there is no source link-layer address option in the message.
o If the packet is a valid Router Solicitation, it will create a Router Advertisement and multicast it to the all-nodes group.
If the packet is a Router Advertisement, the process executes the following actions:
o It cancels any existing router solicitation timer scheduled on the receiving interface.
o It retrieves information from the Router Advertisement such as source IPv6 address, prefix and prefix length, and with the receiving
interface’s local link address, it creates an IPv6 address.
If the Router Advertisement’s prefix option is on-link, the ND process sets the newly created IPv6 address to the receiving
interface.
If the Router Advertisement’s prefix option is off-link, the ND process removes the IPv6 address from the receiving interface.
It checks if the total length (TTL) of the packet is greater than the MTU of the out-going interface. Note that setting of the mtu command will
override the ip mtu command.
o If yes, it checks if the packet has the DF flag on.
It checks if TTL is less than or equal to the value configured via the command ip mtu.
o It no,
Reassembling functionality:
o It checks if the buffer ID exists. The buffer ID is a combination of the source and destination address, and the protocol and
identification fields of the IP header.
o It updates necessary information for the reassembling resource with this fragment.
If successful, it sends the IP packet to the routing or host process for more processing.
If not successful due to missing fragments, it drops all fragments and releases the reassembling resource.
If no, it starts or restarts the reassembling timeout timer for this buffer ID.
It checks if the total length (TTL) of the packet is greater than the MTU of the out-going interface. Note that setting of the mtu command will
override the ipv6 mtu command.
o If yes, it checks if TTL is less than or equal to the value configured via the command ipv6 mtu.
If no,
It sends out fragments; each has the IPv6 Fragment Extension Header.
How IPv6 Does Path MTU Discovery at Middle Routers
Before sending out a packet at the middle router, IPv6 follows the process below (flowchart here):
It checks if the total length (TTL) of the packet is greater than the MTU of the out-going interface.
o If yes, it triggers the Path MTU (PMTU) process to send out an ICMPv6 Packet-Too-Big message to the source.
Reassembling functionality:
o It checks the IPv6 fragment extension header if the M flag is off, and the fragment offset (FO) is 0.
o It checks if the buffer ID exists. The buffer ID is a combination of the source and destination address, and the protocol and
identification fields of the IP header.
o It updates necessary information for the reassembling resource with this fragment.
If successful, it sends the IP packet to the routing or host process for more processing.
If not successful due to missing fragments, it drops all fragments and releases the reassembling resource.
If no, it starts or restarts the reassembling timeout timer for this buffer ID.
If the received port has an ACL configured and its an extended ACL:
Or else if the packet is just a pass through packet after been checked by the received port:
Else
Else
Else:
If inspection rule is NOT present, it sends the packet to the lower process without inspection.
Else
o ZFW checks if the received port and port to send are both zone members.
If both the ports are members of any zone, ZFW finds a match for the current zone-pair (recv port - send port zone pair).
If a match FOUND, it gets the policy map for this zone-pair and go through the classmap list.
If the policy-classmap action is to "drop" or no action set (default action is to drop), it creates a session
and updates the state table and drops the packet.
Else it creates a session and updates the state table. Then it passes the packet to the lower layer.
Else if either one of the ports is not part of any zone member, it drops the packet.
Or else if both the ports are not part of any zone member ( ie., router is not configured fully for Zone based firewall), it passes
the packet to the lower layer.
When a packet is received on a zone based firewall router port (flowchart here):
The packet is checked for a matching entry in the session table to see if it is part of an existing session:
o If a matching entry FOUND, it updates the state table entries and passes it to the higher layer/process.
o If NO matching entry found in the session table, it checks if the packet is intended for THIS router:
If a matching zone-pair is NOT found, it passes the packet to the higher layer.
o If ACL NOT present or acl PERMITS the packet, The device scans through the signature list to see if the signature is unretired and
enabled.
If the signature matches, it does all the actions defined for this signature:
If action has to deny the packet along with others, it denies the packet.
o If ACL DENIES the packet, the device denies the packet and returns from IPS.
If IPS is not enabled, the device returns from IPS, does ACL match, and proceeds.
If the received port was NOT inside nat port, or the sending port is NOT an outside nat port, or the packet header is invalid:
Else
o It lookups the NAT table for a matching dynamic entry for the local addresses.
If match FOUND,
It looks up the table for static matching entry for both source and destination.
If match FOUND for SOURCE and DESTINATION, or if match FOUND for SOURCE only, or match
FOUND for destination only
If NAT is NOT configured on the received port or the received packet header is invalid
It looks up the nat table for a matching dynamic entry for the global addresses:
If match FOUND:
It starts timer.
If NOT found:
Looks up the static matching entry for both source and destination addresses:
It checks whether the next hoping router port is an inside NAT port.
If NOT:
If shaping configured:
o It checks if shaping is full:
If no, it puts the packet in shape queue. Then it starts the timer and checks if software queue is full.
If NOT EMPTY, it calculates using the Weighted Random Early Detection (WRED) whether the packet can be dropped or not.
A packet is dropped if the average queue size is greater that maximum threshold or average queue size is between minimum and
maximum threshold and the packet count meets the threshold mark. If WRED calculates to DROP the packet:
If EMPTY:
If NOT,
If a packet getting out of the device is having the same source IP address as one of the tunnel interfaces that is configured on the device:
o IP layer encapsulates the GRE header in another IP header with source and destination address of associated tunnel interface.
After Ethernet and IP header are removed from the received data:
If the packet is getting out of the device is not encrypted, and it is interested traffic, and if the outgoing port is configured with the crypto map:
It gets the SA for the interested flow and encapsulates the packet in the ESP packet:
If SAs has been negotiated for AH, the router encapsulates ESP in AH segment and sends it to the lower layers
to process.
o If the port is not configured with a crypto map command, it drops the packet.
o Otherwise
If packet is encapsulated in AH, AH authenticates the packet and removes the AH header and pass the packet to ESP.
ESP decrypts the packet and removes the ESP header. Also it passes the decrypted packet to the next layer of data for
further processing.
Otherwise, it increments the error counter for the specific flow that matches the packet and drops the packet
Layer 4 Models
o It then maps the local port information and sends the payload up to a higher layer (the application layer) for processing.
If it cannot find the upper process based on the port information, it drops the segment.
o If yes,
If yes, it checks if the size of the out buffer is greater than the MSS:
If no, it checks if the usable window is smaller than the MSS, and there is more data in the out buffer than usable window size:
It updates and checks the unacknowledged data buffer for any segments needed to be retransmitted and transmits those
first.
Otherwise, it prepares the data in the out buffer into TCP segments, and it will eventually send all segments out.
o Else
If the sequence number in the received TCP header is less than the Receive-Next variable.
Else
o Else the server port sends back a RST and drops the segment.
Calculates the Receive-MSS and Send-MSS variables from the advertised MSS in the TCP header.
Updates the local IP.
Updates the Receive-Next with the ACK number in the TCP header.
Processes FIN.
Processes RESET.
Processes RESET.
Processes FIN.
Processes RESET.
Processes FIN.
If it is an ACK:
Processes ACK.
Increments the Receive-Next variable with the size of the received data segment.
Processes ACK.
Sends an ACK.
Else
If acked some packets, and nothing is being retransmitted, and there is buffer data,
Processes RESET.
Sends an ACK.
Processes RESET.
Processes RESET.
Processes ACK.
Processes RESET.
If a packet is getting out of the device is not encrypted, and it is an interesting traffic, and also if the outgoing port is configured with a crypto
map command:
ISAKMP initiates the negotiation for the first peer. It starts from the lowest crypto map sequence number and tries to negotiate with all peers
in the list until the first success.
o If an IKE peer with the same IP is not configured, the initiator starts phase I negotiation.
The initiator device sends out the first packet of negotiation by encapsulating all the ISAKMP policies that have been
configured with.
Otherwise, it sends the third message which includes the nonce numbers and the key for the peer to calculate DH
values.
Encrypts the identity of the receiver with the DH key and sends it to the peer.
Encrypts the identity of the sender with DH key and sends it to the peer.
o The initiator device encrypts the SA payload with the DH key calculated in the phase I, encapsulates it in an ISAKMP and sends it to
the peer.
If the match policy with sender found, it sends the encrypted matching policy to the peer.
Otherwise, it sends a notification to the peer, drops the packet, and deletes the IKE peer.
If the receiving device has sent back a matching policy, the initiator sends an ACK to the receiving device and successfully
finishes phase II.
If the port, that is receiving the ISAKMP packet, is not configured with crypto map:
If the port, that has received the ISAKMP packet, is configured with crypto map:
It checks if an IKE peer exists with the source IP of the receiving packet.
o IKE phase I negotiation is already done, and it starts negotiating for IKE phase II.
If an IKE peer does not exist with the same source IP of the receiving packet:
o The Initiator adds the peer to the IKE peer list and starts negotiating IKE phase I with the new peer.
o If the packet is the first IKE packet, the responder device processes the security associates payload to find a matching policy.
If a key exists, that has been associated with the peer IP, and a matching policy found.
It will continue with the negotiation by sending the accepting policy to the peer.
Otherwise, it sends a packet and rejects the policy. It also deletes the associated IKE peer.
o If the packet is the second packet of ISAKMP main mode, the initiator processes the payload:
If the payload is a notification, it processes the payload and deletes the IKE peer because there was not an existing policy or
key.
If the payload is a security associate payload which means that the peer has found a match with that policy the device:
Encapsulates a nonce (g,p) payload and its key payload in an ISAKMP packet and sends it back to the peer.
Calculates the public key (TA = g power a mod p). "a" is the private key for this peer.
If the receiving packet is the third packet of the main mode negotiation, the responder processes the nonce and key payload.
Calculate its public key (TB = g power b mod p). "b" is the private key for this peer.
The receiving device also encapsulates a nonce (g,p) payload and its key in an ISAKMP packet and sends it back to the
peer.
If the packet is the fifth packet of the main mode negotiation responder:
Gets the payload and identifies the identity of the peer by decrypting the encrypted msg.
If the packet is the sixth packet of the main mode negotiation initiator:
Gets the payload and identifies the identity of the peer by decrypting the encrypted message.
Initiator also starts phase II by encrypting (with the key) the existing SAs and sends it to the peer.
If the received packet is the first packet of the quick mode negotiation the responder processes it and sends the second
message:
It gets the ISAKMP data and decrypts it with the key that has been calculated in phase I.
Goes through all the security associates that the peer has sent.
If it finds a match
If no matching SA found,
If the packet has received is the second message of the quick mode, the initiator processes it and sends the third message:
It gets the ISAKMP data and decrypts it with they key that has been calculated in phase I.
Gets the accepted security associate that the peer has accepted.
If the received packet is the third message of the quick mode, the responder gets the ACK and creates SAs and IPSec peers. IT
marks the peer with phase II completed.
PC sends ISAKMP policies that it has been configured with plus nonce, a key, and identification payload.
Server sends a reply back after getting the first packet and checking for AAA values.
Server sends the accepting policy back plus ID, nonce, and key payload back to the client.
o Otherwise
If the group name and group key, that the client has sent the request to, do not match or do not exist, it drops the packet.
If the server has sent back its ID, Key and nonce with the matching policy.
o This ACK packet is encrypted with the DH shared key that has been calculated with nonce, and key of the received packet from the
server.
o If server is configured with AAA authentication for the client it sends a prompt to the client and requests the client's
username/password.
o Otherwise server authenticates the user and continues with the next message.
The client sends username/password when it receives the prompt from the server.
The server receives the username/password. It consults with either AAA server or its local configuration (based on the configuration):
o If match found:
Authenticates the client
o Otherwise, it denies the client to access the server and sends a notification back to the client.
o Otherwise, the client gets the IP, assigns the IP to its tunnel interface, and sends the last message of XAUTH mode, which is an ACK
to the server.
o Creates a new route in its routing table to the tunnel IP address of the new client.
o Sends a packet to the client to notify the PC to start the phase II.
Client receives the notification from the server and sends first phase II packet to the server. (for phase II please refer to router's phase II)
If PC which is an easy VPN client has a request to disconnect from an easy VPN server (flowchart here):
The client sends an informational packet to the server and requests to disconnect.
o Removes the interesting traffic and its associated SA for the client from its interested traffic table.
o Sends an informational packet back to the client.
The client receives the informational packet that sever has been disconnected:
Layer 7 Models
o The packet's destination MAC address does not match its own MAC address.
o If the packet is a DHCP-OFFER packet, it uses the information in the packet (including client IP address, offered IP address, server IP
address, and gateway address) to construct a DHCP-REQUEST packet and sends it back to the server.
o If the packet is a DHCP-ACK packet, it gets the IP address, subnet mask, and the gateway IP address from the packet and sets its IP
address configuration accordingly.
o If the packet is not a DHCP-OFFER or a DHCP-ACK packet, it will drop the packet.
When a DHCP client device does not receive a packet:
o If it gets an arp reply, it starts to assign the next available ip address from the 169.254.0.0/16 address block and sends out another ARP
Gratuitous.
o If it does not get an arp reply, it assigns the ip address to the port and continue sending out DHCP-DISCOVER packet.
o The packet is an Advertise message that meets any of the following conditions:
The content of the Client Identifier option does not match the client’s DUID.
The “transaction-id” field does not match the value the client used in its Solicit message.
o The packet is a Reply message that meets any of the following conditions:
The “transaction-id” field does not match the value used in the original message.
It sends a Request message to the DHCP server that the Advertise message was sent from.
o If the packet is a Reply message, it gets the prefix and prefix length from the message and combines with its received interface’s local
link address to create an IPv6 address and subnet mask. It also retrieves the gateway IPv6 address from the packet. Then the client sets its
IPv6 address configuration accordingly.
o The packet is a Solicit message that meets any of the following conditions:
The content of the Server Identifier option does not match the server’s DUID.
o If the packet is a Solicit message, it uses the information in the packet and its server configuration to construct an Advertise message
and sends it back to the client.
o If the packet is a Request message, it uses the information in the packet and its prefix pool configuration to construct a Reply message
and sends it back to the client.
File Transfer Protocol (FTP) is a standard network protocol used to exchange and manipulate files over a TCP/IP-based network, such as the
Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server applications.
FTP uses user-based password authentication and is used for transferring configuration files between Cisco Switches and Routers and also
available as a command in PC device.
If the packet is not a valid FTP response packet, it drops the packet.
Otherwise, it writes the received information stored in the packet onto the screen.
o Informs the application that uses FTP whether the response is successful or not.
o It then checks to see if any further FTP commands are expected to be sent and sends them out.
How FTP server processes work
The FTP server listens on the TCP port 21 for control connections and awaits FTP commands from the client. FTP can be run in active mode
or passive mode, which control how the data connection is opened.
In active mode the client sends the server the IP address port number that the client will use for the data connection, and the server opens the
connection. Passive mode was devised for use where the client is behind a firewall and unable to accept incoming TCP connections. The server
sends the client an IP address and port number and the client opens the connection to the server. By default passive mode is supported in this
version of PT.
The FTP server is available in Server device and is enabled by default. It can be configured via FTP configuration page for customizing FTP
server behavior.
If the user is not valid or fails authentication, then it informs the FTP client and terminates the control connection.
o If the FTP command is not supported by the server, an error message is sent back to the client.
o If the FTP command is supported by the server, the action is performed and result of the operation is sent back to the client.
USER
PASS
TYPE
PASV
RETR
STOR
RNFR
RNTO
DELE
QUIT
TELetype NETwork is a network protocol that utilizes TCP/IP protocol stack to establish a client/server connection. The user starts a
TELNET client process on a PC or a Cisco device using telnet command with server IP address. The TELNET server usually listens on TCP port
23 and awaits client connection requests. A TELNET packet is generated from the client process when a key is pressed.
Otherwise, it writes the received information stored in the packet onto the screen.
TELetype NETwork is a network protocol that utilizes TCP/IP protocol stack to establish a client/server connection. The user starts a
TELNET client process on a PC or a Cisco device using telnet command with server IP address. The TELNET server is started automatically on
a Cisco router or switch. The server listens on TCP port 23 awaiting client connection requests.
o If the information received is part of a command, it sends an echo back to the client.
o If the server is able to determine the command entered by the client, it sends the result back to the client.
o If the server does not understand the information received, it sends an error message back to the client.
Before a SSH connection could be established between client and server, both need to have an RSA key pairs generated, if the keys are not
generated connection will be refused by the other side.
In order for the Cisco device to generate RSA keys it needs to be configured with hostname and IP domain name.
The user starts a SSH client process on a PC or a router using “ssh –l” (-l is for login) command with the associated client’s user name which
is already configured on the SSH server, and IP address of the SSH server. The SSH server, usually listens on TCP port 22, awaits client
connection requests. A SSH packet is generated from the client process when a key is pressed.
Otherwise, it writes the received the information stored in the packet onto the screen.
If both client and server are not configured with RSA keys the connection will be refused by SSH server.
o If the username received in the connection request packet is configured on the server it will prompt the client for the password
Client will be prompted for the correct password up to 3 times. If the password that the client provides is not valid for the third
time it will be disconnected by the server.
o If the information received is part of a command, it sends an echo back to the client.
o If the server is able to determine the command entered by the client, it sends the result back to the client.
o If the server does not understand the information received, it sends an error message back to the client.
If the address is empty or starts with anything else other than http protocol, it drops the request since it is not supported in Packet Tracer.
If the address is an IP address or starts with http:// the HTTP client processes it.
o The HTTP client first finds the server IP through the server name by parsing the address in the address bar and:
If server name is not found, it tries to resolve the domain name through a DNS query.
If the HTTP message has the HTTP OK code, it fetches the page from the message and displays the message.
If the HTTP service is enabled, and a TCP connection with the HTTP client is established:
If the username and password in the HTTP request are not correct:
If the requested page exists on the server, the server creates a response packet and sends back an HTTP reply to the client.
If the requesting page does not exist on the server, the server sends back an error message to the client.
If the requested image exists on the server, the server creates a response packet and sends back an HTTP reply to the client.
If the requesting page does not exist on the server, the server sends back an error message to the client.
o If the post request is successful, the sever sends an HTTP success reply to the client.
o If the post request fails, the server sends an HTTP error reply to the client.
Other message codes are not supported in this version of PT, and the server drops the packet.
If outgoing mail server name is not found it tries to resolve the domain name through a DNS query.
The SMTP client constructs a request SMTP segment and connects the server through TCP sockets and starts a timer for its request.
If the SMTP message has the SMTP success codes it indicate that mail has been sent successfully
Else the error message from server is passed to mail browser to display appropriate error message.
If the SMTP service is enabled, and a TCP connection with the SMTP client is established:
Else
If Sender of this mail does not have user account on this server:
If the request is forward request and sender does not have user account on this server:
If incoming mail server name is not found it tries to resolve the domain name through a DNS query.
If incoming mail server name is found it gets the IP address The POP3 client constructs a request POP3 segment and connects the server
through TCP sockets and starts a timer for its request.
When an POP3 client receives a packet (flowchart here):
If the Pop3 message has the Pop3 success codes it indicate that mail has been received successfully and mail/mails are displayed in mail
browser
Else the error message from server is passed to mail browser to display appropriate error message.
If the SMTP service is enabled, and a TCP connection with the SMTP client is established:
o If User Exist:
o Else:
o If the file with the requested name exists on the TFTP server:
o If the file with the requested name does not exist on the TFTP server:
How TFTP servers and clients process incoming packets during a session
When a TFTP server or client receives a packet during a session (flowchart here):
o If the session is a WRITE session or the block number on the packet is not the expecting one:
If it is a GET-Request command:
o The SNMP Manager creates an SNMP GET-Request packet and sends to the destination agent.
If it is a GET-BULK-Request command:
o The SNMP Manager checks against the selected SNMP version and only sends out an SNMP GET-BULK-Request packet if the
SNMP version is of version 2 or above.
If it is a SET-Request command:
o The SNMP Manager creates an SNMP-SET-Request packet and sends to the destination agent.
How an SNMP Manager processes incoming packets
When an SNMP Manager receives an incoming packet (flowchart here):
It checks if the packet has a correct SNMP header. If it's correct, it goes to the next step. Otherwise, it drops the packet.
It checks if the timeout from the last sent request to this destination has expired. If it's not expired, it goes to the next step. Otherwise, it drops
the packet.
It checks if the SNMP header contains a correct SNMP PDU. If it's correct, it goes to the next step. Otherwise, it drops the packet.
It checks if the SNMP PDU is of the SNMP-GET-Response type. If it's correct, it goes to the next step. Otherwise, it drops the packet.
o If there is an error, it will signal the MIB browser to display the error string. Or the error string can be displayed via the command line.
o If there is no error:
It signals the MIB browser to display the result. Or the result can be displayed via the command line.
It checks if the packet has a correct SNMP header. If it's correct, it goes to the next step. Otherwise, it drops the packet.
It checks if it has configured the same community string as in the received SNMP header. If it has the community string configured, it goes to
the next step. Otherwise, it drops the packet.
From the PDU Variable Binding section in the SNMP PDU, the agent obtains the OID and checks if it has the MIB for this OID.
Based on the type of the request:
o If it is an SNMP GET-Request, the SNMP Agent obtains the value configured for this OID and sends back an SNMP-GET-Response
packet.
o If it is an SNMP GET-BULK-Request, the SNMP Agent obtains the values of all the child OIDs and sends back an SNMP-GET-
Response packet.
o If it is an SNMP SET-Request, the SNMP Agent checks the type of the value, and if it is correct, it configures the new value to the
device and sends back an SNMP-Get-Response method.
If logging is enabled:
o If the client has syslog servers (1 - N) configured, it constructs a syslog packet and sends the packet to the configured servers (1- N)
over UDP.
o If the received packet is not a valid syslog packet, server drops the packet.
How NTP works
When a client needs to update its time from a server:
If the NTP server address is configured, the NTP client creates and sends a time update request to the NTP server over UPD.
o The server updates the NTP request packet with current time and other relevant information and sends it back to client over UDP.
If authentication is not enabled at the NTP server, and the NTP client or authentication is not enabled at the client but enabled at the server:
o Time is fetched from the packet, and device time is updated with this time.
Else If the authentication is enabled at the client but not enabled at the server:
Else (authentication is enabled at the NTP server as well as at the NTP client)
o If key & password are not same for both the client and server:
Time is fetched from the packet, and device time is updated with this time to make clock synchronized.
Sends the DNS query message to the DNS server over UDP.
If the packet received is a valid DNS Response packet , it continues else drops the packet.
It checks if the Query Id matches with the pending request’s Query Id:
o If yes, it continues.
If this DNS Resolver belongs to a DNS Server (which means, this DNS Resolver is used by a DNS Server for sending secondary queries to
servers pointed by the NS records.)
o It deletes the corresponding query from the waiting-query-vector.
o It checks for the condition if the response code = 0 (which means failure) OR if the number of answer Resource Records =0,
o The DNS Resolver gets the DNS server to which it belongs to and calls the step - SearchDnsRecursively. (This step: gets the name to
translate and searches the local Database and Cache. If required, it searches other Name Servers as pointed by the NS records. Then it returns
the answers in a result vector.)
Response Code=3,
Number of Answers=0,
o If the step SearchDnsRecursively‘s result Vector size > 0 (which means, the address resolution is success)
If this Resolver DOES NOT belong to a DNS Server (which means it is functioning as part of a DNS Client)
o If number of answers in the response = 0, the resolver sends an event "name resolution failure" through a callback.
o Else if,
The resolved IP is present in the answers, the resolver extracts the IP Addresses.
The resolver sends an event "domain name resolution success" and sends the IP Addresses through a callback.
o Else, the resolver sends an event, "name resolution failure" through a callback.
Otherwise,
o The server calls the step - SearchDnsRecursively. (This step: gets the name to translate and searches the local Database and Cache. If
required, it searches other Name Servers as pointed by the NS records. Then it returns the answers in a result vector.)
o It Adds all the answer records. (Which contains the resolved IP Addresses)
o It checks if the answer record is from the local database and if an SOA record is present in the Database:
Otherwise
It continues.
It searches the Database and the Cache for the queried name. Find all the matching Resource Records (RRs).
It returns success (true) and the result vector, with all matching RRs.
Otherwise
Performs the step - CnameSearchRecursively. (This step tries to resolve the name searching for CNAME records recursively.)
If a matching A-record is found.
It returns success (true) and the result vector, with all matching RRs .
Otherwise
It performs the step - NSSearchRecursively - (This step searches for NS records, and if required sends query to servers pointed by NS
records )
If the step NSSearchRecursively returns false, (i.e., failed to find a related name server).
It gets the next level domain name ie; parent of the name (unless it reduces to null string) and repeats the same process recursively
SearchDnsRecursively
Otherwise
Otherwise
It continues.
Searches the Database (DB) and Cache for the queried name. Finds all matching NS - Resource Records (RRs).
Iterates through the matching NS records and searches for one which is not in the failed-queries list.
Perform the step - SearchDnsRecursively for the name pointed by the NS Record. (this is for finding out the IP address pointed by the NS
record. This step gets the name-to-translate from NS record. Searches the local Database and Cache and if required searches other Name Servers
as pointed by NS records.)
Otherwise,
If IP is resolved , Get the DNSClient from the owner device. From the DNS client, it sends a new DNS query to the resolved IP (of name
server) with the original query.
it returns success/true
It searches in the given vector of RRs, for CNAME resource records (RR) matching with the given name.
Gets the first record from resultVect and extract the cname.
Lets name-to-translate=cname
Performs the step - SearchDnsRecursively for the name-to-translate. (SearchDnsRecursively: It searches the local Database and Cache, and
if required, it searches other Name Servers as pointed by NS records for the name-to-translate).
It repeats SearchDnsRecursively for next matching CNAME record in the resultVect until no matching records are left in the resultVect.
Iterates through the result vector search for A-record matching the initial query name.
If matching RR found,
Otherwise,
o If yes, it sends the event authentication success to the user module through call back.
o Otherwise
If the result is Access Reject, it sends event-authentication failure to the user module through call back.
Otherwise, it sends the event authentication Error to the user module through call back.
Otherwise, it continues.
The Radius server verifies Client IP-client key matching and client type matching.
o Otherwise:
The Radius server extracts UserName and Password.
Authenticates.
If yes, it creates Access Accept packet and sends back to the client.
Otherwise, it creates Access Reject packet and sends back to the client.
o Otherwise
If the received packet is NOT a valid Tacacs Packet, it drops the packet.
Otherwise, it continues.
o Otherwise
If the packet is NOT a proper reply for a pending request, it drops the packet.
It sends the event password prompt to the client module through the call back.
If it is authentication Success, it sends the event Authentication Success to the client module through the call
back.
Otherwise, it sends the event Authentication Failure to the client module through the call back.
o Otherwise
If the received packet is NOT a valid Tacacs Packet, it drops the packet.
Otherwise
If Client IP-client key not matching or client type does not match:
The Tacacs server creates an Authentication Reject Packet and sends back to the Client.
If Authentication Success, it creates Authentication Accept Packet and sends back to the Client.
Otherwise, it creates Authentication Reject Packet and sends back to the Client.
o IP phone receives an ip address. Check if tftp is enabled by default or manually entered. If tftp is not configured
Else
Else
Check if CME has a line number available for this phone. If NOT,
Else
Registration successful.
Else
Caller phone creates udp port and sends openReceiveChannelAck to the CME with this udp port.
o Send H.323 setup message with RTP port to the target router.
o Target router looks up local directory for the dialed number. If NOT found,
o Else
Send back H.323 callProceeding to the source router/CME with the RTP port created.
Target phone create another udp port and sends openReceiveChannelAck to the CME with the udp port.
Caller phone creates udp port and sends openReceiveChannelAck to the CME with this udp port.
Other Models
o If so:
It checks to determine whether the packet is UDP, TCP or ICMP to get the packet's source and destination port.
It refers to the NAT table (using the global addresses) for the necessary translation.
It replaces the inside address and port with the local version.
o If the receiving port is not a NAT outside port, or if it is a NAT outside port but the requested IP address is not in the NAT table:
There is no route.
It finds a route, but the outgoing port of that route entry is the same as the receiving port.
If there is a route, it sends a reply with the receiving port's MAC address.
o If so:
o If the receiving port is not a NAT outside port, or if it is a NAT outside port but the requested IP address is not in the NAT table:
There is no route.
It finds a route, but the outgoing port of that route entry is the same as the receiving port.
If there is a route, it sends a reply with the receiving port's MAC address.
If so:
o It checks to determine whether the packet is UDP, TCP or ICMPv6/ICMPv4 to get the packet's source and destination port.
o It refers to the NAT table (using the inside global addresses) for the necessary translation.
It replaces the inside global address and port with the local version.
If a valid NAT entry is found in the table, form a new IP header – IPv6 or IPv4 depending on which higher process the packet
has to be sent.
o The packet is sent to the corresponding higher process from where it was received.
There is no route.
It finds a route, but the outgoing port of that route entry is the same as the receiving port.
If there is a route, it sends a reply with the receiving port's MAC address.
If the destination IP is a broadcast, it sets the packet's destination MAC address to the broadcast MAC address and sends the packet out.
If the destination IP is a multicast, it sets the packet's destination MAC address to the multicast MAC address and sends the packet out.
If the destination IP is a unicast, it looks up the ARP table to see if the destination IP matches an entry's IP address in the ARP table.
Sets the packet's destination MAC address to the entry's MAC address.
Sets and starts the timer for it as it waits for an ARP reply.
If none of the above is true, it proceeds with the ARP request. It:
o The packet's source IP is not in the same subnet as the receiving port's subnet.
o If the packet is an ARP request, it checks to see if the packet's destination IP matches the receiving port's IP address.
If they match, the device sends a reply with the receiving port's MAC address.
o If the packet is an ARP reply, the device checks if it submitted a request for the IP address found in the reply.
If the ARP table does not contain an entry with the IP and MAC addresses found in the packet, it will make a new entry
with those addresses.
If the ARP table already contains an entry with the IP and MAC addresses found in the packet, it just resets that entries'
timer. That entry will be removed from the table when its timer expires.
o If the receiving port is a NAT outside port, the router checks the NAT table for the packet's destination IP.
If the requested IP address is in the NAT table, the router sends a reply with the receiving port's MAC address.
o If the receiving port is not a NAT outside port, or if it is a NAT outside port but the requested IP address is not in the NAT table:
There is no route.
It finds a route, but the outgoing port of that route entry is the same as the receiving port.
If there is a route, it sends a reply with the receiving port's MAC address.
ACL checks for inbound ACL and if inbound ACL is configured on the interface:
ACL checks for outbound ACL and if outbound ACL is configured on the interface:
o If the packet is generated locally, it permits the packet.
If the statement permits the packet, the packet passes the ACL process.
If there is no match in the list, the ACL drops the packet by default.
Activity Wizard
The Activity Wizard is an assessment tool that allows you to create highly specific networking scenarios for other users. You can simply create
activities with instructions, an initial network, and an answer network. User can also create more dynamic activities with the Variable Manager and
design them using Evidence Centered Design methodologies using the Scoring Model.
This tool is particularly useful for instructors creating activities for students to complete. When students start an activity, they are presented with an
initial network and a set of instructions. Students follow the instructions to complete the activity, and then they can check their finished network with
the instructor's answer network. Instructors have full control over all aspects of the activity. The typical sequence for creating an activity is as
follows:
1. Create the answer network and set the assessment items, connectivity tests, and overall feedback.
2. Create the initial network, which will be the students' starting point. Typically, this network is similar to the finished answer network but with
specific features missing, devices with missing configurations and/or devices with misconfigured features. Alternatively, a blank initial
network may also be used.
3. Optionally, put constraints on the students' ability to use certain features during the activity.
5. Optionally, use the Scoring Model and Scripting engine in place of the assessment tree to create complex scoring rules for the grading of
activities.
Before opening the Activity Wizard, be sure to save your work on the workspace. Packet Tracer will clear the workspace when closing the Activity
Wizard.
You can access the Activity Wizard from the Extension menu. When you do so, you have the option to use the existing workspace as the answer
network.
A welcome screen that explains the basic steps to create an activity (similar to this page) will appear. You can then click on any of the pages in the
Activity Menu (on the left) to edit the various aspects of the activity.
After going through the various panels to create the activity, select Save from the Activity Menu to save the activity. Packet Tracer activity are saved
in the .pka file format.
Choose Exit from the Activity Menu to exit the Activity Wizard. Note that the workspace will be cleared after you exit, so remember to save your
files.
Instructions
The student instructions for the activity are entered in the Instructions panel. When students open the activity file, the instructions will appear in a
separate window that remains visible. The instructions should explain clearly the objectives for the activity. If tight restrictions are set for the activity,
you should also mention the intended methods to accomplish the objectives so as not to confuse students with locked out functions. You can use the
following supported HTML tags to format the instructions:
a
address
b
big
blockquote
body
br
center
cite
code
dd
dfn
div
dl
dt
em
font
h1
h2
h3
h4
h5
h6
head
hr
html
i
img
kbd
meta
li
nobr
ol
p
pre
qt
s
samp
small
span
strong
sub
sup
table
tbody
td
tfoot
th
thead
title
tr
tt
u
ul
var
However, note that if you do decide to use HTML tags, you must manually format every aspect of the text, including line breaks and paragraph tags.
Alternatively, you are able to import instructions from *.htm files using Import Page or Import All. Likewise, you can also export the instructions to
*.htm files by using Export Page or Export All. Use the Preview as HTML button to see how the text would look with HTML formatting applied.
If you do not use any HTML tags in the instructions, the text you type into the panel is exactly what students see. Additionally, you may separate the
instructions into multiple pages to reduce clutter or to divide contents within the activity.
The instructions in the screenshot tells the student to configure PPP. Depending on the assessment parameters, you may also need to specify such
details as exactly which port to connect to which device, the name of each device, and so on.
Answer Network
In the Answer Network panel, you construct the answer network, and mark the elements of the network on which you want to assess the students.
Click on the Show Answer Network button to view the workspace for the answer network. If you chose to convert the existing workspace to the
answer network when you first entered the Activity Wizard, that network will already be in place, and you may further edit it here. If you did not do
the conversion, you will have a blank workspace from which to work. Another option is to import an existing .pkt file and use it as the answer
network using the Import File to Answer Network button. After you have completed the answer network, you can export it (saving it as another .pkt
file) using the Export Answer Network to File button. Note: any changes to an imported .pkt file will be lost upon exiting the Activity Wizard
unless you export the answer network to file.
Connectivity Tests
Connectivity Testing is another method of assessment. Unlike the assessment items, which look up the student's network configuration and compare
it to the answer network configuration, connectivity testing is based on Realtime PDUs that are sent when the user clicks Check Results.
Connectivity Testing allows the activity to be graded based on network functionality and performance rather than matching of static configuration
parameters. The types of connectivity testing supported are the types of User Created PDUs contained in the first scenario of the answer network. For
each PDU, you may set the Test Condition to Do Not Test, Successful, or Fail.
Overall Feedback
The Overall Feedback allows you to set custom feedback messages for completed and incomplete activities. The Completed Feedback message is
shown when the activity is 100% complete. Otherwise, the Incomplete Feedback message is shown. There is also support for a subset of HTML
tags, as with the Instructions.
Settings
In the Settings tab, you may time the activity (keeping track of the elapsed time as students work on the activity with the Time Elapsed option) or
set a time limit (with the Countdown option).
You may also set Feedback Settings which will assess the user network against the assessment tree every few seconds. Enabling Dynamic
percentage feedback will assess the user network against the assessment tree every few seconds. Connectivity tests will not be assessed. Note that
large activities may degrade system performance. You have these options for dynamic feedback: No Dynamic Feedback, Show Score, Show Item
Count Percentage, Show Item Count and Show Score Percentage.
To prevent students from changing their user profile during an activity, you may enable User Profile Locking. If an attempt to change the user
profile is made while an activity is running, a dialog will appear warning that the activity will reset if the user information is changed. Optionally, you
may set the amount of time (in ms) to forward the answer network using the Answer Network Convergence option. A typical use case of Answer
Network Convergence is when you check the activity results after loading an activity, the results may show that the activity is incomplete as the
answer network has not converged in time. By setting an arbitrary time to forward the answer network, this issue would be resolved.
Initial Network
In the Initial Network panel, you set the network from which the user will start the activity. One option for setting up the initial network is to simply
copy from the answer network and edit parts of it. Do this by pressing the Copy from Answer Network button. Another option is to import a file
using the Import File to Init Network button and to edit that file. After creating the initial network, you can export it using the Export Init
Network to File button.
You start an activity by opening a saved activity (.pka) file. You will first see the Instructions window telling you how to complete the activity. You
can reposition or minimize this window to the Windows taskbar as you work on the activity. The Instructions window will also provide you a
Dynamic Percentage Feedback next to the word Completion on how far you are in the activity, which is updated every 3 seconds. Optionally, the
activity may display a timer, which is either the amount of time that has elapsed since the start of the activity or the amount of time left to complete
the activity. The Instructions window also contains several buttons: Top, Check Results, Reset Activity and < >. Turning on the Top option will
cause the Instruction window to stay on top at all times. Use the Check Results button to see your progress in completing the activity. Use the Reset
Activity button to return to the activity's initial settings and start over. Use the < > buttons to go forward or back a page in multiple-paged
instructions.
As a user (not the author of the activity), you can use the File > Save (or Save As )
command to save your current progress in the activity and finish the activity later from
where you left off. It is preferable to save it as a new file so you do not overwrite the
original activity file. When you re-open the file later on, you can still use the Reset
Activity button to restart from the initial network.
Overall Feedback
The Completed Feedback message is shown when the activity is 100% complete. Otherwise, the Incomplete Feedback message is shown.
Assessment Items
The screenshot below displays the results for the Assessment Items. For each Assessment Item, a message will display if it is Correct or Incorrect,
which depends on the answer network. An activity is fully completed when there are green checks on all components. A white check indicates that a
category is only partially complete. A red x indicates that an assessment item is missing or incorrect. The number of points the assessment item is
worth and the component(s) the assessment item belongs to are also shown as well. In this particular screenshot, it shows that the activity was nearly
completed, with only a few items incorrect. Also, per-assessment item feedback messages may be shown for incorrect items.
Connectivity Tests
The screenshot below shows the Connectivity Test results which are compared to the connectivity test conditions of the answer network.
Variable Manager
The Variable Manager provides the ability for an activity author to add dynamic capabilities into an activity. These capabilities allow an author to
create activities that change each time they are loaded or reset. This capability is enabled by creating pools of values and then creating variables
which use the pool values to enable dynamic capabilities. The variables allow you to change many aspects of an activity, including but not limited
too, Device names, IP addressing, Routing statements, DHCP and DNS records.
There are four types of variables that can be created in the Variable Manager and they are Seeds, Number, Strings and IP Addresses. With the
exception of the Seeds, the variables are created using a combination of a resource pool and an associated variable. Each type tab has a place to enter
both the pool and the variable information. The seeds tab, due to the simplicity of the type combine both parts into one operation.
You can set variables to select values in one of 4 ways. From drop-down menu if you select Random then the value will be selected randomly from
any values in the pool. By selecting Element Position the value will be an integer that selects the same position from the pool each time. Seed refers
to a position defined by a Seed variable in the Seed tab. This is a method for allowing the same position to be used in multiple variable selections.
Entire Range is a variable used in the Activity Wizard answer network to accept any input as correct as long as it is contained in the associated
pool. The typical sequence for creating a variable is:
2. Select the associated Pool Name (the pool must be already created to show in the dropdown list)
3. Specify the Variable Type (dropdown: Random, Element Position, Seed, Entire Range)
4. Specify the Value (if Element Position is selected a number within the range of values is specified, if seed is selected a seed name is entered
for the value)
An important setting to notice is the Show Variable Manager Interface at the bottom of the screen. By checking this checkbox you can set or assign
variables in the Instructions text, Assessment Items, and Initial Items. You can add all of the variables created by clicking on the Arrow (<--) next
to the variable name. In the Instructions panel, place the cursor where you want the variable to be placed at and then click on the Insert "<--" button
in the Variable Manager Interface. In the Assessment Items and Initial Items, only the items marked with a green dot can be assigned a variable.
To remove an assignment of the variable, select the appropriate variable and hit Delete on the keyboard.
Seeds
Seed values should be thought of as Index values for selecting other data variables, while not required. Make sure the pool range in greater or equal
to the Seed range of values. Valid Seed range is from 0 to 2,147,483,647. A seed should be a positive value, although negative values are legal,
otherwise using them as indexes in other variable pools and variables can cause unpredictable results.
To add Seeds you should fill in the required fields like Name, Minimum (usually "0") and Maximum Values by clicking on each cell of table and
typing in. The maximum value should match the total number of pool entries that the seed is used to select. If left blank, both values are set to zero
(0), so the first value in any pool is always selected.
Inserting the Test Value is optional and will specify the value to be used for the seed. This overrides random selection and is only used during Test
Activity mode. If a value is specified in the Test Value cell, it is used during any subsequent testing or running of the activity, until the value in the
cell is deleted or changed. To test all combinations simply increment the value in the Test Value cell until you have reached the value specified in the
Maximum cell.
For Edit entire rows just like Adding new Seed you can double-click in the cell and change the value and to Remove click anywhere in the row to be
deleted and press the Delete key. So to delete a value in the Variable Manager tables you must select and highlight the value, then delete. Do not just
click in the cell of the value you want to delete, because if you press delete after just selecting the cell and not the actual value, you will delete the
entire row in the table.
Seed values can be placed anywhere in Packet Tracer that a variable is accepted, in the Initial Network, the Answer Network, the Instructions, as
well as Device names and Notes on the workspace. The format for using a seed is the same as for any variable, using two braces to open and close
with the seed name in between the braces like this [[Index1]]. This is the same format that is used when Seeds are used in other pools or variables
setup. The value that is selected from the seed range will be displayed or used in other variable selections.
Number
Number Values enable the ability to add dynamic numbers into a PT scenario. These are often used like the graphic shows, creating a range of
numbers that can be concatenated and used as IP addresses. An example of how that would be done would be to use the four variables created like
this [[Oct1]]. [[Oct2]]. [[Oct3]]. [[Oct4]].
Numeric variables may be used in String and IP address pools using the [[Variable]] format after they have been created on the Number page.
Number Pools:
To Add Number Pools: fill in the required Name, Minimum and Maximum Values. You can edit entire rows of Number Pools by double-click on
the cell and change the value and for removing click anywhere in the row to be deleted and press the Delete key. Valid numbers range is positive and
negative integer. But remember to not use negative numbers as selection or index variables. Both of these values are required or the entry will not
remain in the table. Seed variables can also be substituted for integers by using this format: [[variablename]].
To Edit a Pool: just click in the cell and type a new value or new name.
To Remove a Pool value: Highlight the contents of any cell in the row and press the "Delete" Key, it you just click on the cell and delete the entire
row will be deleted and any associated number variables will be deleted also.
To Remove a Pool (an entire row in the table): click on a cell in the row and press delete. The entire row will be deleted and any number variables
using this Pool Name will be deleted also.
Number Variables:
After the number Pool has been created a variable can be created to use with the pool by entering a Variable Name, selecting a Pool Name from the
dropdown list, and then specifying a Value Type from its dropdown list. The four choices are:
Random: Select any value from the pool choices Element Position: Will select the Pool value as the specified position for the variable Seed: Will
select the Pool value specified by the resolved Seed variable value Entire Range: Used in the Answer Network, any value entered into the AW
Answer Tree that is included in the Pool will be considered correct.
If Element Position or Seed is specified, the associated integer value or Seed name must be entered in the Value cell. In the graphic above the Oct1
variable would resolve to a value of between 198 to 210 inclusive, based on the table and variable values. You can double-click in the cell and change
the value or reselect the dropdowns values. Clicking anywhere in the row and press the Delete key will cause the cell be deleted.
Strings
String Pools can be used to create different names for devices in the Packet Tracer activity, or again like Seeds and Numbers anywhere a variable
can be used. Text variables can also be used in the instructions area to change the scenario text. Since Packet Tracer initially converts every to strings,
text strings can also be used for IP addresses like the IP octet pool shows.
String variables may be used in IP Address Pools, using the [[Variable]] format.
String Pool:
To Add a Pool: Fill in the required Name and Text Field. The Text field can contain text, numbers, Seeds and Number Variable data, separated by
semi-colons. Seed and Number variables can be substituted for text data using [[variablename]].
To Edit a Pool: Select and highlight the text to be change and type over it.
To Remove a Pool value: Select and highlight the text, then press the "Delete" Key,
To Remove a Pool (an entire row in the table): click on a cell in the row and press delete. The entire row will be deleted and any number variables
using this Pool Name will be deleted also.
String Variables:
You can also add String Variables by filling in the required Name, Pool Name and Value type field. If Value Type is Element Position, an integer
value or Number Variable is specified in the value field. In case of Value Type is Seed, a Seed variable name is used in the Value field. See also
Number Variables.
IP Addresses
IP address pools allow for dynamic addressing schemes in Packet Tracer, they also allow for dynamic configurations in the initial network including
DNS and DHCP records. They also allow for multiple correct answers, for example in addressing schemes, when used in the answer network.
IP Address Pool:
To Add a pool: Fill in the required Name, Network Address, and Mask Values. The First and Last IP Address fields will automatically filled in
based on the Network and Mask fields, although they can be manually changed to the specific range of addresses needed. Seed, Number, and String
variables can be substituted for address data using [[variablename]].
To Edit a Pool: Double-Click in the cell and change the value. The First and Last IP Address fields can be edited to specify a smaller range of
addresses that is set by default.
To Remove: Click anywhere in the row to be deleted and press the Delete key
IP Address Variables:
To Add IP Address Variable fill in the required Name, Pool Name and Value type fields. If Value Type is Element Position, an integer value or
Numeric Variable is specified in the value field. If Value Type is Seed, a Seed variable name is used in the Value field. Editing and removing any
rows is just like IP Address Pool. See also Number variables.
{{RegEx:\b(192?)\.(168?)\.(1?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b}}
You would then insert the regular expression in replacement of a variable in assessment items tree by selecting the assessment item (e.g. IP Address)
and clicking once more on the current value of the assessment item (e.g. 0.0.0.0) such that field would becomes editable. Once the field is editable,
you can type in the regular expression and pressing Enter after you are done.
For more help with regular expressions, visit the Qt QRegExp documentation here:
http://qt-project.org/doc/qt-4.8/qregexp.html
Scoring Model/Scripting
The Scoring Model is an Evidence Centered Design process by which to assess work products through the application of scoring rules and textual
feedback. The Scoring Model is used to create complex rules for the grading of activities. When using the new Scoring Model, it is possible to
display customized feedback for every work product in the assessment tree (both positive and negative feedback) as well as overall and partial
feedback. It is not even necessary to link the feedback text to a work product if the purpose is to provide a simple message to the user.
The Scripting engine is a component of Packet Tracer that was designed to allow greater flexibility in creating scoring rules for Packet Tracer
activities that use the new Scoring Model. The Scripting engine is what allows this complex scoring model to exist. Each item created in the Scoring
Model exists as an object in the Scripting engine so that it can be accessed by any expression/scoring rule that the user creates.
An example of where the Scoring Model and Scripting engine would be beneficial is when an instructor wants to display a message to the user
indicating that the IP addressing is mostly correct, but not completely correct and not totally incorrect. This may happen when there are several
devices on the stage and one or two of the three are correctly addressed, but the third is not. Using the new Scoring Model, it is possible to provide
this sort of feedback based on the combination of multiple work products. The major benefit here is the ease of customization in complex scoring
scenarios, as well as a model that more closely aligns with the Evidence Centered Design process.
Example
An instructor wants to test that students know how to properly power on three devices in a network. However, the instructor wants to provide positive
feedback if all devices are turned on, and a single negative feedback if at least one of the devices is not powered. This particular style of feedback
doesn’t fit the standard Packet Tracer model of scoring and feedback so it is necessary to use the Scoring Model.
The instructor starts by placing three devices on the stage, Router0, Router1, and Router2. The Activity Wizard is then started and the existing
network is to be used as the answer network.
In the Answer Network page, the instructor will select the Scoring Model tab instead of using the Assessment Tree tab. Here, the instructor will need
to make a work product feature for each item that is to be retrieved from the user’s network. Since the activity is to test the power status of three
devices, three work product features will be needed. For simplicity, the items created will be named r0power, r1power, and r2power.
To create one of these work product features, the instructor clicks the + button under the Work Product Features section. In the dialog that pops up,
the name "r0power" is entered into the Name field. The Description is optional and left blank. For the expression, the instructor must use the help in
the nodes box at the bottom to find the proper path to the network setting that is to be checked. By default, the search starts in the "Network" and
moves into devices from there. Clicking after the string "Network:", the instructor then types any character to see the updated available nodes.
Noticing that Router0 is available, the phrase is completed to form "Network:Router0:". Once the final colon is entered, the list of options inside
Router0 is shown. Since, the purpose is to test the power, the final phrase is "Network:Router0:Power". The instructor would then create a work
product feature for each of Router1 and Router2 as well.
Now that the work product features are created, the instructor needs to compose the tests for each of the work product features. This is done using the
Scoring Rules section beneath that. According to Evidenced Centered Designed process, each work product feature must be assessed by applying a
scoring rule to it, which creates a Primary Observable. Previously, the work product features just defined the items we were interested in. Primary
observables take those interesting pieces of information and test them against some rule or expression. In this case, the instructor needs to determine
if the devices are powered, which is to say that our work product features have the value '1'. To make naming simple, the primary observables are to
be called r0poweron, r1poweron, and r2poweron.
To do this, the instructor clicks the + button under the Scoring Rules section, and selects Primary Observable from the Type drop-down list. In the
Name field, "r0poweron" is entered. The Description again is optional so is not entered. Next is the expression. This is a JavaScript string that will
be used to test the value of the work product feature. The template contains a portion for the condition, a true value, and a false value. The
evaluation of this expression is directly assigned to the value of the primary observable created. For this instance, the instructor wants to assign the
value 1 if the test is true and the value 0 if the test is false (it could also be assigned text strings, other numbers, scores, or other valid script
commands as well). The condition part of the expression is to test to see that our work product feature r0power has the value '1'. Erasing the
condition part of the template, it is replaced with "r0power == '1'". This directly compares the work product feature r0power against the string value
of '1'. Since the instructor wants to assign the number 1 when true, and 0 when false, each of those portions is replaced with 1 and 0 respectively. This
produces the final expression of "( r0power == ‘1’ ) ? 1 : 0;". This JavaScript command will assign the value 1 to r0poweron when the work product
feature r0power is equal to '1', and the value 0 for everything else. The instructor then repeats the process for the other two primary observables.
Next, the instructor needs to create an indicator for all three devices. This particular type of observable is called a Compound Observable since it
will be combining multiple primary observables in some manner into a single value. This value could be a score, or just another indicator of
correctness. To keep things simple, the instructor has decided to create it as an indicator which will take on the value 1 if all three devices are turned
on and 0 if at least one of the devices is off. The observable will be named "allpower".
To create this observable, the instructor again clicks the + button underneath Scoring Rules, but this time selects Compound Observable in the Type
drop-down list. In the Name field, "allpower" is entered and the Description is left blank. Like the primary observable, the same template applies to
compound observables. Here, the instructor needs to test that all three primary observables have the value 1 and assign the compound the value 1 if
they do, or 0 if they do not. One way the instructor can do this is to add up the values of all three primary observables and determine if the value is 3.
If it is, then all devices are powered on. If it is less than 3, at least one device is unpowered. The expression the instructor enters is the following
"( r0poweron + r1poweron + r2poweron == 3 ) ? 1 : 0;".
Lastly, the instructor wants to display some feedback. Since Packet Tracer has only one text to display feedback in it is necessary to place the entire
string into the unique Reporting Variable called OVERALL_REPORT. If all devices are powered on, the feedback should be "You have powered
all devices." If at least one device is unpowered the feedback should read "X devices are unpowered. Please fix the error and try again." The value X
should be the number of devices that are incorrectly powered.
Again, the instructor clicks the + under the Scoring Rules section and creates a Reporting Variable this time. In the Name field, the special name
"OVERALL_REPORT" is used. The expression this time is a little more complicated since the observable allpower does not contain the number of
devices, but a correctness indicator. It is possible to create another compound observable to show this, but the instructor decides to do the calculations
right in the expression to save time. The resulting expression is:
( allpower == 1 ) ? "You have powered all devices." : (3 – ( r0poweron + r1poweron + r2poweron)) + " devices are unpowered. Please fix the
error and try again.";
This particular expression checks the value allpower. If it is true then it display the first string, otherwise it composes an alternate string that contains
the value 3 – the number of correct devices (the number of incorrect devices).
When the instructor checks the Scripting tab, the instructor will notice that a new XML file called DATA: PROFICIENCY_MODEL has been
automatically generated which includes all of the work product features and scoring rules that were created as seen in the screenshot in the
"Scripting" section above.
Before the instructor can test the activity, the initial network is configured by copying it from the answer network and turning off the power to all
three devices. Instructions are entered to tell the student what to do, and then the activity is tested.
When the instructor tests the activity without turning any devices on it displayed "3 devices are unpowered. Please fix the error and try again."
However, if two devices are powered on, the feedback is "1 devices are unpowered. Please fix the error and try again." And lastly, when all three
devices are powered on, the feedback is "You have powered all devices."
Terms
Expression - A sequence of JavaScript commands that results in a value that can be assigned to an observable.
Work Product Feature - A particular element of interest in the Packet Tracer network. For example, the IP address assigned to Router0’s
FastEthernet0/0 port.
Primary Observable - The result of the application of a scoring rule or expression against a work product feature. Usually there is one primary
observable for each work product feature, and typically the value is true or false. As an example, if the IP address on Router0’s FastEthernet0/0 port
is equal to 10.0.0.1, then award 2 points.
Compound Observable - An application of aggregation rules to multiple Primary Observables. The values stored in a compound observable can be
any legal JavaScript value but typically are numerical scores or correctness indicators. As an example, add the points from IP addressing and routing
together.
Reporting Observable - Typically a string value named that represents some portion of feedback. For example: If the score is greater the 70, display
"Passed".
Assessment Items
AccessPoint | AnalogPhone | Asa | Bridge | CableModem | CiscoDevice | Cloud | CloudPotsPort | CloudSerialPort | Console | Device | DslModem | EtherChannel |
EtherChannelManager | FRSubInterface | HomeVoip | HostPort | Hub | IPPhone | Laptop | MultiLayerSwitch | MURemoteNetwork | Network | Pc | Pda | Printer | Port |
RoutedSwitchPort | Router | RouterPort | Server | Switch | SwitchPort | TabletPC | TerminalLineDevice | TV | WiredEndDevice | WirelessRouter |
AaaProcess - up
Name Node Type Variable Type
AAA Head
New-model Leaf Number
Authentication Head
Authen Command <User Defined> Leaf String
Authorization Head
Authorize Command <User Defined> Leaf String
AcsServerProcess - up
Name Node Type Variable Type
ACS Head
ACS Enabled Leaf Boolean
Network Configuration Head
Client <User Defined> Head
Client IP Leaf IP Address
Client Leaf String
Secret String Leaf String
Server Type Leaf Number
User Setup Head
User <User Defined> Head
User Description Leaf String
User Name Leaf String
User Password Leaf String
RadiusClientProcess - up
Name Node Type Variable Type
RADIUS Client Head
RADIUS Server Hosts Head
<User Defined> Leaf Number
RADIUS server key Leaf String
RadiusServerProcess - up
Name Node Type Variable Type
RADIUS Server Head
Port Leaf Number
TacacsClientProcess - up
Name Node Type Variable Type
TACACS Client Head
TACACS Server Hosts Head
<User Defined> Leaf String
TACACS server key Leaf String
AclProcess - up
Name Node Type Variable Type
ACL Head
<User Defined> Leaf String
AclV6Process - up
Name Node Type Variable Type
ACLV6 Head
<User Defined> Leaf String
Cbac - up
Name Node Type Variable Type
Inspect name <User Defined> Head
Name Leaf String
Protocols Head
<CbacProtocol> Head
CbacProcess - up
Name Node Type Variable Type
Firewall Head
IP Inspect Names Head
<Cbac> Head
Global Alert Leaf Number
Global Audit Trail Leaf Number
DNS Timeout Leaf Number
FIN-WAIT Time Leaf Number
SYN-WAIT Time Leaf Number
UDP Idle Time Leaf Number
TCP Idle Time Leaf Number
MAX Incomplete High Leaf Number
MAX Incomplete Low Leaf Number
One Minute High Leaf Number
One Minute Low Leaf Number
CbacProtocol - up
Name Node Type Variable Type
Protocol <User Defined> Head
Protocol name Leaf String
Alert Leaf Number
Audit trail Leaf Number
Timeout Leaf Number
CdpProcess - up
Name Node Type Variable Type
CDP Head
CDP Enabled Leaf Boolean
DhcpPool - up
Name Node Type Variable Type
Pool <User Defined> Head
IPs Leaf String
Name Leaf String
DNS Server Leaf String
Default Gateway Leaf String
Start IP address Leaf String
Subnet mask Leaf String
Max Users Leaf Number
TFTP Server Leaf IP Address
DhcpServerProcess - up
Name Node Type Variable Type
DHCP Head
DHCP Enable Leaf Boolean
Pools Head
<DhcpPool> Head
Excluded Addresses Head
<User Defined> Leaf String
DhcpV6ClientProcess - up
Name Node Type Variable Type
DHCPV6 Client Head
DHCPV6 Client PD Name Leaf String
DhcpV6LocalPrefixPool - up
Name Node Type Variable Type
Local Pool Name <User Defined> Head
<User Defined> Head
Local Pool Name Leaf String
Prefix Leaf String
Prefix Length Leaf Number
Sub Prefix Length Leaf Number
DhcpV6Pool - up
Name Node Type Variable Type
Pool Name <User Defined> Head
<User Defined> Head
Pool Name Leaf String
DNS Leaf String
Domain Name Leaf String
Prefix Delegations Head
Prefix Delegations <User Defined> Head
Prefix Delegations Leaf String
DUID Leaf MAC Address
Static Preferred Lifetime Leaf Number
Static Valid Lifetime Leaf Number
Prefix Delegation Pool Head
Name <User Defined> Head
Name Leaf String
Dynamic Preferred Lifetime Leaf Number
Dynamic Valid Lifetime Leaf Number
DhcpV6ServerMainProcess - up
Name Node Type Variable Type
DHCPv6 Head
DHCPv6 Pools Head
<DhcpV6Pool> Head
Local Pools Head
<DhcpV6LocalPrefixPool> Head
DhcpV6ServerProcess - up
Name Node Type Variable Type
DHCPv6 Server Head
DHCPv6 Server Pool Name Leaf String
DnsClient - up
Name Node Type Variable Type
DNS Head
IP Domain Lookup Leaf Boolean
IP Domain Name Leaf String
IP Name Server Leaf IP Address
IPv6 Name Server Leaf IP Address
IP Host Header Head
Host <User Defined> Leaf String
IPv6 Host Header Head
Host <User Defined> Leaf String
DnsServerProcess - up
Name Node Type Variable Type
DNS Server Head
DNS Enable Leaf Boolean
Resource Records Head
Record <User Defined> Head
A Records Head
Address Leaf IP Address
NS Records Head
Server name Leaf String
SOA Records Head
SOA Record <User Defined> Head
Primary Server Name Leaf String
Mailbox Leaf String
Min TTL Leaf Number
Refresh Time Leaf Number
Retry Time Leaf Number
Expire Time Leaf Number
CNAME Records Head
Hostname Leaf String
ClientGroup - up
Name Node Type Variable Type
Group <User Defined> Head
Name Leaf String
Key Leaf String
Pool name Leaf String
Netmask Leaf String
DynamicCryptoMap - up
Name Node Type Variable Type
Map <User Defined> Head
Name Leaf String
Sequence number Leaf String
Crypto IpSec Transform Sets Head
<TransformSet> Head
Reverse-route Leaf Number
EasyVpnServer - up
Name Node Type Variable Type
Easy VPN Server Head
IP Local Pools Head
<VpnIpPool> Head
Client Configuration Groups Head
<ClientGroup> Head
VpnIpPool - up
Name Node Type Variable Type
Pool <User Defined> Head
Name Leaf String
Start IP Leaf String
End IP Leaf String
FileManager - up
Name Node Type Variable Type
Files Head
<User Defined Directory> Head
<User Defined File> Leaf String
FtpServerProcess - up
Name Node Type Variable Type
FTP Server Head
FTP Enable Leaf Boolean
User Accounts Head
Account <User Defined> Head
User Name Leaf String
User Password Leaf String
User Permission Leaf String
Server Files Head
<User Defined> Leaf String
GreProcess - up
Name Node Type Variable Type
GRE Head
Interface Tunnels Head
<TunnelInterface> Head
TunnelInterface - up
Name Node Type Variable Type
Tunnel <User Defined> Head
Port number Leaf String
Source Leaf String
Destination Leaf String
HttpServer - up
Name Node Type Variable Type
HTTP Server Head
HTTP Enable Leaf Boolean
Server Files Head
<User Defined> Leaf String
HttpsServer - up
Name Node Type Variable Type
HTTPS Server Head
HTTPS Enable Leaf Boolean
Category - up
Name Node Type Variable Type
Category <User Defined> Head
NAME Leaf String
Retired Leaf Number
Signature - up
Name Node Type Variable Type
Signature Head
Enabled Leaf Number
Retired Leaf Number
IcmpSignature - up
Name Node Type Variable Type
<Signature> Head
Icmp Signature ID Leaf Number
Icmp Sub ID Leaf Number
IpsProcess - up
Name Node Type Variable Type
IPS Head
Config Location Retries Leaf Number
Config Location Leaf String
Ips List Head
IPS Name <User Defined> Head
IPS Name Leaf String
Ips List Leaf String
Signature Categories Head
<Category> Head
<IcmpSignature> Head
Notify Log Leaf Number
Signature - up
Name Node Type Variable Type
Signature Head
Enabled Leaf Number
Retired Leaf Number
EmailClient - up
Name Node Type Variable Type
Email Client Head
<EmailUser> Head
EmailServer - up
Name Node Type Variable Type
Email Server Head
SMTP Service Enabled Leaf Boolean
POP3 Service Enabled Leaf Boolean
Domain Name Leaf String
Users Head
User <User Defined> Head
User Name Leaf String
User Password Leaf String
EmailUser - up
Name Node Type Variable Type
Email User Head
Name Leaf String
Email Leaf String
Incoming Mail Server Leaf String
Outgoing Mail Server Leaf String
User Name Leaf String
User Password Leaf String
NatProcess - up
Name Node Type Variable Type
NAT Head
Pools Head
Pool Name <User Defined> Leaf String
Inside Source List Head
NAT Source Setting <User Defined> Leaf String
Outside Source List Head
NAT Source Setting <User Defined> Leaf String
Inside Source Static Head
NAT Source Setting <User Defined> Leaf String
Outside Source Static Head
NAT Source Setting <User Defined> Leaf String
NatV6Process - up
Name Node Type Variable Type
NATV6 Head
Pools Head
<User Defined V6V4> Leaf String
<User Defined V4V6> Leaf String
Prefix Head
Prefix IP Leaf IP Address
Prefix Mask Leaf IP Address
Inside Source List Head
<User Defined V4V6> Leaf String
<User Defined V6V4> Leaf String
Inside Source Static Head
Name Leaf String
NdProcess - up
Name Node Type Variable Type
NDV6 Head
General Prefixes Head
General Prefix <User Defined> Leaf String
Neighbors Head
Neighbor <User Defined> Head
IPv6 Address Leaf IP Address
Mac Address Leaf MAC Address
NtpClientProcess - up
Name Node Type Variable Type
NTP Client Head
NTP Authenticate Leaf Number
Update Calendar Leaf Number
Authentication Keys Head
Key <User Defined> Head
Name Leaf String
Password Leaf String
Trusted Keys Head
Key Leaf Number
NTP Server Information Head
Address Leaf IP Address
Key Leaf String
NtpServerProcess - up
Name Node Type Variable Type
NTP Server Head
Service Leaf Boolean
Authentication Leaf Number
Key Leaf Number
Password Leaf String
PppoeServer - up
Name Node Type Variable Type
PPPOE Server Head
<VirtualTemplateManager> Leaf Boolean
VirtualTemplateManager - up
Name Node Type Variable Type
Virtual Template Head
Interfaces Head
<VirtualTemplateInterface> Head
VPDN Enable Leaf Boolean
VPDN Groups Head
<VpdnGroup> Head
VirtualTemplateInterface - up
Name Node Type Variable Type
Virtual Template Interface Head
IP Unnumbered Enabled Leaf String
Default IP Address Pool Leaf String
PPP CHAP Hostname Leaf String
PPP CHAP Password Leaf String
PPP Authentication Leaf Number
VpdnGroup - up
Name Node Type Variable Type
VPDN Group Head
Group Name Leaf String
Dial-in Leaf Boolean
Virtual Template Leaf Number
Protocol PPPOE Leaf Boolean
ClassMapManager - up
Name Node Type Variable Type
Class Maps Head
Class Map List Head
<User Defined> Head
Map Type Leaf Number
Statements Head
<User Defined> Leaf String
CustomQueueInfo - up
Name Node Type Variable Type
Custom Queue Info <User Defined> Head
Protocol List Head
<QueueProtocol> Head
Queues Infos Head
Queue Info Leaf String
Default Queue Leaf String
CustomQueueManager - up
Name Node Type Variable Type
Custom Queues Head
Custom Queue Info List Head
<CustomQueueInfo> Head
PolicyMapManager - up
Name Node Type Variable Type
Policy Maps Head
Policy Map List Head
Policy Map <User Defined> Head
Policy Map Name Leaf String
Policy Map Type Leaf Number
<PolicyMapQosClass | PolicyMapZfwClass> Head
PolicyMapQosClass - up
Name Node Type Variable Type
QoS Class <User Defined> Head
Map Name Leaf String
Bandwidth Leaf Number
Queue Limit Leaf Number
Priority Leaf Number
Service Policy Leaf String
PriorityQueueManager - up
Name Node Type Variable Type
Priority Queue Head
Priority List Head
<User Defined> Head
Protocol Leaf String
Queue Limit Head
High Leaf String
Medium Leaf String
Normal Leaf String
Low Leaf String
Default Leaf String
QueueProtocol - up
Name Node Type Variable Type
Queue Protocol Head
IP Leaf Number
IPv6 Leaf Number
Keyword Leaf Number
Key Value Leaf Number
Queue Index Leaf Number
BgpProcess - up
Name Node Type Variable Type
BGP Head
Autonomous System Leaf Number
Router ID Leaf IP Address
Log Neighbor Changes Leaf Boolean
Redistribute-internal Leaf Boolean
Networks Head
Route <User Defined> Leaf String
Neighbors Leaf Boolean
<User Defined> Leaf IP Address
Autonomous System Leaf Number
Next-Hop-Self Leaf Boolean
Timers Head
Keepalive Leaf Number
Holdtime Leaf Number
Synchronization Leaf Boolean
Redistribution Head
<User Defined> Leaf String
EigrpMainProcess - up
Name Node Type Variable Type
EIGRP Head
<EigrpProcess> Head
EigrpProcess - up
Name Node Type Variable Type
Autonomous System <User Defined> Head
Auto Summary Leaf Number
Networks Head
Route <User Defined> Leaf IP Address
Passive Interface Head
Default Leaf Number
<User Defined> Leaf String
Metrics Leaf String
Variance Leaf Number
Redistribution Head
<User Defined> Leaf String
OspfMainProcess - up
Name Node Type Variable Type
OSPF Head
<OspfProcess> Head
OspfProcess - up
Name Node Type Variable Type
Process ID <User Defined> Head
Area Authentication Head
Area <User Defined> Leaf Number
Area Head
Area <User Defined> Leaf Number
Area Status Leaf String
Default Cost Leaf Number
Virtual Link Head
<User Defined> Leaf String
Default Information Leaf Number
Log Adjacency Changes Leaf String
Passive Interface Head
Default Leaf Number
<User Defined> Leaf String
Networks Head
Route <User Defined> Head
Redistribution Head
<User Defined> Leaf String
Router ID Leaf String
RipProcess - up
Name Node Type Variable Type
RIP Head
Version Leaf Number
Auto Summary Leaf Number
Default Information Originate Leaf Boolean
Redistribution Head
<User Defined> Leaf String
Timers Leaf String
Networks Head
Route <User Defined> Leaf String
Passive Interface Head
Default Leaf Number
<User Defined> Leaf String
RoutingProcess - up
Name Node Type Variable Type
Routes Head
(deprecated) Static Routes Head
Route <User Defined> Leaf String
Static Routes Head
Route <User Defined> Leaf String
Default Networks Head
<User Defined> Leaf IP Address
IP Routing Leaf Boolean
Forward Protocols Head
<User Defined> Leaf String
EigrpV6MainProcess - up
Name Node Type Variable Type
EIGRPV6 Head
<EigrpV6Process> Head
EigrpV6Process - up
Name Node Type Variable Type
EIGRPv6 <User Defined> Head
Metrics Leaf String
Shutdown Leaf Number
Router ID Leaf IP Address
Redistribution Head
<User Defined> Leaf String
OspfV3MainProcess - up
Name Node Type Variable Type
OSPFV6 Head
<OspfV3Process> Head
OspfV3Process - up
Name Node Type Variable Type
OSPFv6 <User Defined> Head
Area Head
Area <User Defined> Head
Area Status Leaf String
Default Cost Leaf Number
Virtual Link Head
<User Defined> Leaf String
Log Adjacency Changes Leaf Number
Passive Interface Head
Default Leaf Number
<User Defined> Leaf String
Shutdown Leaf Number
Redistribution Head
<User Defined> Leaf String
RipV6MainProcess - up
Name Node Type Variable Type
RIPV6 Head
<RipV6Process> Head
RipV6Process - up
Name Node Type Variable Type
RIPv6 <User Defined> Head
Distance Leaf Number
Redistribution Head
<User Defined> Leaf String
ShutDown Leaf Number
RoutingProcessV6 - up
Name Node Type Variable Type
Routesv6 Head
IPv6 Unicast Routing Leaf Number
(deprecated) Static Routes Head
<User Defined> Leaf String
Static Routes Head
<User Defined> Leaf String
Default Networks Head
<User Defined> Leaf IP Address
Security - up
Name Node Type Variable Type
Security Head
Crypto Key Set Leaf String
Boot Config Leaf String
Boot Image Leaf String
Modulus Bits Leaf Number
SnmpAgent - up
Name Node Type Variable Type
SNMP Head
SNMP Communities Head
Community <User Defined> Leaf Number
SshServerProcess - up
Name Node Type Variable Type
SSH Server Head
SSH Version Leaf Number
SSH Authentication-retries Leaf Number
SSH Timeout Leaf Number
StpMainProcess - up
Name Node Type Variable Type
STP Head
VLANs Head
<User Defined> Head
VLAN Number Leaf Number
Priority Leaf Number
RSTP Leaf Number
PortFast Default Leaf Number
PortSecurity - up
Name Node Type Variable Type
Port Security Head
Enabled Leaf Boolean
Static MACs Head
<User Defined> Leaf MAC Address
Port Security Violation Leaf Number
Max Static MACs Leaf Number
Sticky Enabled Leaf Boolean
Sticky MACs Head
<User Defined> Leaf MAC Address
SyslogClient - up
Name Node Type Variable Type
SYSLOG Client Head
Server Addresses Head
Address Leaf String
SyslogServer - up
Name Node Type Variable Type
SYSLOG Server Head
Service Leaf Boolean
TcpProcess - up
Name Node Type Variable Type
TCP Head
Service Nagle Leaf Boolean
TCP MSS Leaf Number
TftpServer - up
Name Node Type Variable Type
TFTP Head
TFTP Enable Leaf Boolean
ServerFiles Head
<User Defined> Leaf String
CMEProcess - up
Name Node Type Variable Type
Call Manager Express Head
Dial Peers Head
<DialPeer> Head
<TelephonyService> Head
EPhones Head
<Ephone> Head
EPhone Directories Head
<EphoneDirectory> Head
DialPeer - up
Name Node Type Variable Type
Dial Peer <User Defined> Head
Tag Number Leaf Number
Destination Pattern Leaf Number
Session Target Leaf IP Address
Ephone - up
Name Node Type Variable Type
EPhone <User Defined> Head
Number Leaf Number
MAC Address Leaf MAC Address
Buttons Head
Button <User Defined> Head
Button Leaf Number
<EphoneDirectory> Head
EphoneDirectory - up
Name Node Type Variable Type
EPhone Directory <User Defined> Head
Directory Number Leaf Number
Directory Line Number Leaf String
TelephonyService - up
Name Node Type Variable Type
Telephony Service Head
Auto Assign Commands Head
Auto Assign <User Defined> Leaf String
Max Directory Number Leaf Number
Max EPhone Number Leaf Number
Source IP Leaf IP Address
Source Port Leaf Number
CryptoMapSeq - up
Name Node Type Variable Type
Sequence Head
Number Leaf String
Peers Head
<IpsecPeer> Head
Match address Leaf String
CryptoMapSet - up
Name Node Type Variable Type
Set Head
Name Leaf String
Respond Leaf String
Sequence List Head
<CryptoMapSeq> Head
Ports Head
Port Leaf Number
IkePolicy - up
Name Node Type Variable Type
Policy <User Defined> Head
Number <User Defined> Leaf Number
Authentication type Leaf String
Hash algorithm Leaf String
Encryption Leaf String
Group Leaf Number
Lifetime Leaf Number
IpsecPeer - up
Name Node Type Variable Type
Peer Head
Address Leaf String
IpsecProcess - up
Name Node Type Variable Type
IKE Head
Crypto ISAKMP Policy Head
<IkePolicy> Head
Crypto ISAKMP Key Address Pairs Head
<User Defined> Leaf String
Crypto IpSec Transform Sets Head
<TransformSet> Head
Crypto Map Sets Head
<CryptoMapSet> Head
Crypto Dynamic Maps Head
<DynamicCryptoMap> Head
ISAKMP Enable Leaf Number
Security Association Leaf Number
TransformSet - up
Name Node Type Variable Type
Set Head
Name Leaf String
AH Transform Leaf Number
ESP Authentication Transform Leaf Number
ESP Encryption Transform Leaf Number
ISATAP - up
Name Node Type Variable Type
ISATAP Client Head
ISATAP Client Enabled Leaf Boolean
ISATAP Router Leaf String
VtpProcess - up
Name Node Type Variable Type
VTP Head
Domain Name Leaf String
VTP Mode Leaf Number
VTP Password Leaf String
VTP Version Leaf Number
WirelessClientProcess - up
Name Node Type Variable Type
<WirelessCommon> Head
Security Mode Head
User Id Leaf String
Password Leaf String
WirelessCommon - up
Name Node Type Variable Type
Wireless Head
SSID Leaf String
Security Mode Head
Authen Type Leaf Number
WEP Key Leaf String
PassPhrase Leaf String
Encryption Type Leaf Number
WirelessServerManager - up
Name Node Type Variable Type
Dot11 Configuration Head
SSID Configurations Head
SSID <User Defined> Leaf String
SSID name Leaf String
Authentication Leaf String
WPA key management Leaf Number
EAP method Leaf String
EAP list name Leaf String
Wpa-psk Head
Key entered as Leaf String
Unencrypted Leaf Number
Key Leaf Number
Dot11Radio Configurations Head
<WirelessServerPortData> Head
WirelessServerPortData - up
Name Node Type Variable Type
Dot11Radio Head
Bridge Group Leaf Number
Station Role Leaf Boolean
Speed Leaf String
Encryption Head
Key Leaf String
Size Leaf String
Type Leaf String
Hex String Leaf String
Mode WEP Leaf String
Mode Cipher Leaf String
SSID Leaf String
WirelessServerProcess - up
Name Node Type Variable Type
<WirelessCommon> Head
Security Mode Head
RADIUS Server IP Leaf String
RADIUS Shared Secret Leaf String
SSID BroadCast Leaf Number
Mac Filter Mode Head
Mode Leaf Boolean
Access Restriction Leaf Number
Mac Address List Head
Mac Address Leaf MAC Address
PolicyMapZfwClass - up
Name Node Type Variable Type
Inspect Class <User Defined> Head
Class Map Leaf String
Action Leaf Number
ZfwProcess - up
Name Node Type Variable Type
Zone Based Firewall Head
Zone Names Head
<User Defined> Leaf String
Zone Pairs Head
<ZonePair> Head
ZonePair - up
Name Node Type Variable Type
Zone Pair <User Defined> Head
Name Leaf String
Source Zone Leaf String
Destination Zone Leaf String
Service Policy Leaf String
Settings - up
Name Node Type Variable Type
Algorithm Settings Head
CBAC Head
Half-Open Session Multiplier Leaf Number
TCP Head
Maximum Number of Connections Leaf Number
Maximum Number of Open Sessions Leaf Number
Switching Head
Storm Control Multipler Leaf Number
PrivilegeManager - up
Name Node Type Variable Type
Command Privilege Head
Commands Head
Command Leaf String
ParserView - up
Name Node Type Variable Type
View Head
View name Leaf String
Secret Leaf String
Commands Head
Command Leaf String
ParserViewManager - up
Name Node Type Variable Type
Parser View Head
Views Head
<ParserView> Head
TerminalLine - up
Name Node Type Variable Type
RS232 | Console Line | Head
VTY Line <User Defined> |
Speed Leaf Number
Data Bits Leaf Number
Parity Leaf Number
Stop Bits Leaf String
Flow Control Leaf Number
Transport Input Leaf Number
Transport Output Leaf Number
History Size Leaf Number
MOTD Banner Leaf Number
Login Leaf Number
Password Leaf String
AAA Method List Name Leaf String
Session Limit Leaf Number
Access Class In Leaf String
Access Class Out Leaf String
Exec-timeout Leaf Number
Logging Synch Leaf Number
Privilege Level Leaf Number
IPv6 Access-class In Leaf String
IPv6 Access-class Out Leaf String
AccessPoint - up
Name Node Type Variable Type
<Device> Head
<WirelessServerProcess> Head
AnalogPhone - up
Name Node Type Variable Type
<Device> Head
Bridge - up
Name Node Type Variable Type
<Device> Head
CableModem - up
Name Node Type Variable Type
<Device> Head
CiscoDevice - up
Name Node Type Variable Type
<AaaProcess> Head
Banner login Leaf String
Banner motd Leaf String
Boot System Head
<User Defined> Leaf String
<CdpProcess> Head
Clock Timezone Leaf String
Config-Register Leaf Number
<Console> Head
<DnsClient> Head
Enable Password Leaf String
Flash Files Head
<User Defined> Leaf String
FTP Passive Leaf Number
FTP Password Leaf String
FTP Username Leaf String
Host Name Leaf String
IP Domain Name Leaf String
Login Options Head
Login On Success Leaf Number
Login On Failure Leaf Number
Blocking Head
Enabled Leaf Boolean
Duration Leaf Number
Attempts Leaf Number
Period Leaf Number
<NtpClientProcess> Head
<RadiusClientProcess> Head
<Settings> Head
<Security> Head
Security Password Min-Length Leaf Number
Service Password Encryption Leaf Number
<SshServerProcess> Head
Startup Config Leaf Number
Static MAC Head
<User Defined> Leaf String
<SyslogClient> Head
<TacacsClientProcess> Head
<TerminalLine> Head
User Names Head
User Name Leaf String
VTY Lines Head
<TerminalLine> Head
Cloud - up
Name Node Type Variable Type
<Device> Head
Frame Relay Connections Head
<User Defined> Leaf String
DSL Connections Head
<User Defined> Leaf String
Cable Connections Head
<User Defined> Leaf String
Device - up
Name Node Type Variable Type
<User Defined> Head
Custom Model Name Leaf String
Custom Variables Head
<User Defined> Leaf String
Device Model Leaf String
Device Type Leaf Number
In Logical Shape Leaf String
In Physical Shape Leaf String
Ports Head
<Port> Head
Power Leaf Number
Authorization Leaf String
DslModem - up
Name Node Type Variable Type
<Device> Head
HomeVoip - up
Name Node Type Variable Type
<Device> Head
SCCP Server Address Leaf IP Address
Hub - up
Name Node Type Variable Type
<Device> Leaf Number
IPPhone - up
Name Node Type Variable Type
<Device> Leaf Number
Laptop - up
Name Node Type Variable Type
<Pc> Head
MultiLayerSwitch - up
Name Node Type Variable Type
<Router> Head
<EtherChannelManager> Head
MLS QoS Enabled Leaf Number
Pc - up
Name Node Type Variable Type
<TerminalLineDevice> Head
Accessories Head
Camera Connected Leaf Boolean
Headphone Connected Leaf Boolean
Microphone Connected Leaf Boolean
USB Hard Drive Connected Leaf Boolean
Default Gateway Leaf IP Address
Default Gateway IPv6 Leaf IP Address
DNS Server Leaf IP Address
DNS Server IPv6 Leaf IP Address
<EmailClient> Head
Files Head
C Directory Head
sampleFile.txt Leaf String
<User Defined> Leaf String
Desktop Head
sampleFile.txt Leaf String
<User Defined> Leaf String
<Settings> Head
<TerminalLine> Head
<WirelessClientProcess> Head
Pda - up
Name Node Type Variable Type
<Pc> Head
Printer - up
Name Node Type Variable Type
<Pc> Head
Router - up
Name Node Type Variable Type
<CiscoDevice> Head
<AclProcess> Head
<AclV6Process> Head
<CbacProcess> Head
<ClassMapManager> Head
<CMEProcess> Head
<CustomQueueManager> Head
<BgpProcess> Head
<CbacProcess> Head
<DhcpServerProcess> Head
<DhcpV6ServerMainProcess> Head
DHCP Relay Agent Head
Enabled Leaf Boolean
Relay Information Trust All Leaf
<EasyVpnServer> Head
<EigrpMainProcess> Head
<EigrpV6MainProcess> Head
<GreProcess> Head
<IpsecProcess> Head
<IpsProcess> Head
<NatProcess> Head
<NatV6Process> Head
<NdProcess> Head
<OspfMainProcess> Head
<OspfV3MainProcess> Head
<ParserViewManager> Head
<PolicyMapManager> Head
<PriorityQueueManager> Head
<PrivilegeManager> Head
<RipProcess> Head
<RipV6Process> Head
<RoutingProcess> Head
<RoutingProcessV6> Head
<SnmpAgent> Head
<SshServerProcess> Head
<Security> Head
<StpMainProcess> Head
<TcpProcess> Head
VLANS Head
<User Defined> Head
VLAN Name Leaf String
<VirtualTemplateManager> Head
<VtpProcess> Head
<WirelessServerManager> Head
<ZfwProcess> Head
Server - up
Name Node Type Variable Type
<Pc> Head
<AcsServerProcess> Head
<DhcpServerProcess> Head
<DnsServerProcess> Head
<EmailServer> Head
<FtpServerProcess> Head
<HttpServer> Head
<HttpsServer> Head
<NtpServerProcess> Head
<RadiusServerProcess> Head
<SyslogServer> Head
<TftpServer> Head
<EmailServer> Head
Switch - up
Name Node Type Variable Type
<CiscoDevice> Head
Default Gateway Leaf IP Address
DHCP Relay Agent Head
Enabled Leaf Boolean
Relay Information Trust All Leaf
DHCP Snooping Head
Enabled Leaf Boolean
MAC Address Verified Leaf
Option 82 Inserted Leaf
Option 82 Trusted Leaf
VLANs Head
VLAN <num> Leaf Number
DHCP Snooping Binding DB Agent Head
Flash Leaf
Write Delay Leaf
Ports Head
Switch Port Head
DHCP Snooping Limit Rate Leaf
DHCP Snooping Trust Leaf
<EtherChannelManager> Head
<SnmpAgent> Head
<StpMainProcess> Head
VLANS Head
<User Defined> Leaf String
VLAN Name Leaf String
<VtpProcess> Head
ASA - up
Name Node Type Variable Type
<CiscoDevice> Head
Default Gateway Leaf IP Address
Clientless Settings Head
Bookmarks Head
Bookmark Leaf
Title Leaf
Users Head
User Leaf
Bookmark Leaf
Group Policy Leaf
Profile Name Leaf
Username Leaf
DHCP Server (inside) Head
Enabled Leaf Boolean
DHCPD Auto_config Leaf
DHCP Server (outside) Head
Enabled Leaf Boolean
DHCPD Auto_config Leaf
VLANs Head
VLAN <num> Leaf Number
Ports Head
Switch Port Head
<StpMainProcess> Head
VLANS Head
<User Defined> Leaf String
VLAN Name Leaf String
<VtpProcess> Head
TabletPC - up
Name Node Type Variable Type
<Pc> Head
TerminalLineDevice - up
Name Node Type Variable Type
<Device> Head
Enable Secret Leaf String
Logging Head
Service timestamp debug Leaf Number
Service timestamp log Leaf Number
Logging console Leaf Number
Logging buffered Leaf Number
Logging On Leaf Number
Trap Debug Leaf Number
TV - up
Name Node Type Variable Type
<Device> Head
WiredEndDevice - up
Name Node Type Variable Type
<Pc> Head
WirelessRouter - up
Name Node Type Variable Type
<Device> Head
Default Gateway Leaf IP Address
<DhcpServerProcess> Head
DNS Server IP Leaf IP Address
Internet Connection Leaf Number
Password Leaf String
Remote Management Leaf Boolean
Single Port Forwarding Head
<User Defined> Leaf String
<WirelessServerProcess> Head
Console - up
Name Node Type Variable Type
<Port> Head
CloudPotsPort - up
Name Node Type Variable Type
<Port> Head
Phone Number Leaf String
CloudSerialPort - up
Name Node Type Variable Type
<Port> Head
Frame Relay Head
LMI Type Leaf Number
Sublinks Head
<User Defined> Leaf String
FRSubInterface - up
Name Node Type Variable Type
<RouterPort> Head
Type (Point-to-Point/ MultiPoint) Leaf Number
DLCI Head
DLCI <User Defined> Leaf Number
HostPort - up
Name Node Type Variable Type
<Port> Head
ARP Timeout Leaf Number
Auto Config Leaf Number
DHCP client enable Leaf Boolean
<DhcpV6ClientProcess>
Enabled Leaf Boolean
Pool Name Leaf String
IP Address Leaf IP Address
ip mtu Leaf Number
Ipv6 Address Head
IPv6 Enable Leaf Number
<User Defined> Head
IP Address Leaf IP Address
Prefix Leaf String
Type Leaf String
ipv6 mtu Leaf Number
Link Local Leaf IP Address
mtu Leaf Number
Subnet Mask Leaf IP Address
Port - up
Name Node Type Variable Type
<User Defined> Head
Bandwidth Auto Negotiate Leaf Number
Clock Rate Leaf Number
Description Leaf String
Duplex Auto Negotiate Leaf String
MAC Address Leaf MAC Address
Port Type Leaf Number
<PortKeepAliveProcess> Head
Power Leaf Number
Tx Ring Limit Leaf Number
(Wireless) Link to <User Defined> Head
Connects to <User Defined> Leaf String
DCE Port Name Leaf String
Type Leaf Number
PortKeepAliveProcess - up
Name Node Type Variable Type
Port Keepalive Head
Keepalive interval Leaf Number
RoutedSwitchPort - up
Name Node Type Variable Type
<SwitchPort | RouterPort> Head
SwitchPort Leaf Number
EtherChannel - up
Name Node Type Variable Type
<RoutedSwitchPort> Head
Channel group Head
Channel mode Leaf Number
Channel protocol Leaf Number
EtherChannelManager - up
Name Node Type Variable Type
EtherChannel Head
Load Balance Method Leaf Number
RouterPort - up
Name Node Type Variable Type
<HostPort> Head
802.1Q Head
VLAN ID Leaf Number
Native VLAN Leaf Number
Access-group In Leaf String
Access-group Out Leaf String
CDP Enabled Leaf Number
Crypto Map Leaf String
Bandwidth Info Leaf Number
Delay Leaf Number
<Dhcpv6ServerProcess> Head
Pool Name Leaf String
EIGRP Hello Interval Head
Autonomous System <User Defined> Leaf Number
EIGRP Summary Addresses Head
Autonomous System <User Defined> Head
<User Defined> Leaf String
EIGRPv6 Head
EIGRPv6 <User Defined> Enabled Leaf Boolean
EIGRPV6 Hello Interval Head
Autonomous System <User Defined> Leaf Number
Eigrpv6 Summary Addresses Head
Autonomous System <User Defined> Head
<User Defined> Leaf String
Encapsulation Leaf String
Frame Relay Head
Encapsulation Type Leaf Number
LMI Type Leaf Number
IP Maps Head
<User Defined> Leaf String
Helper Addresses Head
Helper Address <User Defined> Leaf IP Address
Hold Queue Leaf Number
Ip Inspect In Leaf String
Ip Inspect Out Leaf String
Ips In Leaf String
Ips Out Leaf String
IPv6 NAT Leaf Number
IPv6 NAT Prefix Leaf String
IPv6 Traffic Filter In Leaf String
IPv6 Traffic Filter Out Leaf String
Keepalive Leaf Boolean
NAT Mode Leaf Number
OSPF Authentication Leaf Number
OSPF Authentication Key Leaf String
OSPF Cost Leaf Number
OSPF Dead Interval Leaf Number
OSPF Hello Interval Leaf Number
OSPF Message Digest Key Head
Key ID <User Defined> Leaf Number
Ospf Network Type Leaf Number
OSPF Priority Leaf Number
OSPFv3 Head
OSPFv3 Process ID Leaf Number
OSPFv3 Area ID Leaf String
OSPFv3 Instance ID Leaf Number
OSPFv3 Priority Leaf Number
OSPFv3 Dead Interval Leaf Number
OSPFv3 Hello Interval Leaf Number
OSPFv3 cost Leaf Number
PPP Head
Authentication Leaf Number
PPPOE Enabled Leaf Number
Priority Group | Custom Queue List | Fair Queue Leaf Number | Number | String
RIP Split Horizon Leaf Boolean
RIPv6 Head
RIPv6 <User Defined> Enabled Leaf Boolean
Route cef Leaf Boolean
Service Policy Input Leaf String
Service Policy Output Leaf String
Virtual Reassembly Leaf Number
Zone Member Leaf String
SwitchPort - up
Name Node Type Variable Type
<Port> Head
Access VLAN Leaf Number
Bpduguard Leaf Number
CDP Enabled Leaf Number
Dynamic Mode Leaf Number
Native VLAN Leaf Number
Nonegotiate Leaf Boolean
Port Mode Leaf Number
PortFast Leaf Number
<PortSecurity> Head
Root guard Leaf Number
Storm Control Leaf String
Trunk VLANs Head
<User Defined> Leaf String
Voice Vlan Leaf Number
Network - up
Name Node Type Variable Type
Network Head
<Device> Head
<MURemoteNetwork> Head
MURemoteNetwork - up
Name Node Type Variable Type
<Device> Leaf Number
Peer Address Leaf String
Peer Network Name Leaf String
Password Leaf String
Connected Leaf Boolean
Multiuser
Multiuser communication allows multiple point-to-point (peer) connections between multiple instances of Packet Tracer. By allowing communication
between Packet Tracer instances, a new door has been opened to a fun, interactive, social, collaborative, and competitive learning environment.
Instructors will now be able to create a variety of activities for students to learn in groups that will facilitate greater social interaction between
students. Students will benefit from this environment by working together to solve problems and share ideas. Both students and teachers should take
full advantage that Multiuser will offer in their learning environment.
Technical Information
By default, uses TCP port 38000, is customizable, and each new instances on the same PC will use the next available port.
On by default.
Dialogs
Multiuser is on by default, users who wish to turn this feature off may do so in the Extensions > Multiuser > Listen menu. The server settings can
be configured from this dialog. The default password is "cisco", it is highly recommended to change this password. To configure the port number,
click Stop Listening and then change it and click Listen again.
Existing Remote Networks refers to multiuser connection clouds that already exist on your desktop. The options allow the user to Always Accept a
remote connection request with no prompt, which is very handy in gaming and central connection scenarios. The second option will Always Deny
connections, refusing any connectivity to existing multiuser clouds on the desktop. The third option Prompts the user on the receiving side of the
connection to manually accept or deny the connection.
New Remote Networks supports the same three options as the previous option. The key difference is that the multiuser clouds don't yet exist on the
receiving user's workspace. If the option is set to Always Accept a new multiuser cloud is created on the workspace and connection to the initiating
copy of Packet Tracer is established. If the option is set to Always Deny nothing happens as the connection is refused. If the option is set to Prompt
the user on the receiving side of the connection to manually accept or deny the connection, if accepted a new multiuser cloud is created on that user’s
workspace.
The Extensions > Multiuser > Options dialog can be used to configure other settings. Allow Remote Saving controls whether this network can be
saved from a remote network using offline saving. Depth for Remote Saving configures how far deep into the remote user sessions will be saved.
For example, if the users are connected as such:
A <-> B
B <-> C
C <-> D
D <-> E
E <-> F
F <-> A
If A is configured with a depth of 2 and attempts to offline save, A will receive a copy of B, C, E, and F's networks, but not D's. Always Start
Listening When Application Starts controls whether Multiuser will be on or off during startup. Allow Peers to see connected devices and port
names controls whether the remote user will see the device name and port name when they create a cable connection to your networks. Forward
remote PTMP broadcast messages works in conjunction with Packet Tracer External Applications (ExApps). Its function is to allow the ExApp to
communicate with all connected copies of Packer Tracer. This option has no effect on the Packet Tracer program by itself.
Port Visibility
The Port Visibility dialog allows you to control what ports on which devices in your network will automatically show up as an available port on
connected remote peer's networks. The remote peer can connect to these ports without requiring your end to create the link.
Connection States
Multiuser has four different connection states. The Multiuser cloud is in the Disconnected state when there is no remote network connection to a
remote peer. The Multiuser cloud goes into the Connecting state when a request is sent to a remote peer to make a remote network connection. When
two remote peers make a remote network connection, the Multiuser cloud goes into the Connected state. The Error state indicates there is a remote
network connection error with the remote peer. For example, if the remote peer's connection suddenly lost network connectivity, then the Error state
would appear.
User Guide
To create a Multiuser connection to another user, click on the Multiuser Connection in the Device-Type Selection Box. Then select the Remote
Network cloud and create it on the workspace. This cloud will represent one entry point to another user. Multiple multiuser entry-points to the same
user are allowed. Click on the cloud to open the Multiuser Connection dialog.
To create an outgoing connection, choose the Outgoing option for Connection Type. In the Peer Address field, enter the remote user's IP address. In
the peer port number, enter the port their instance of Packet Tracer is listening on. Peer Network Name is optional. The option allows this outgoing
connection to connect to a specific incoming cloud the remote peer has set up. For example, if the remote peer created an Incoming connection cloud
named Routers, then you can enter Routers in this field and it will connect to the Routers cloud in the remote peer's network. Leaving this field blank
will create a new cloud in the remote peer's network. The new cloud will have the same name as the cloud that initiated the connection unless that
name already exists, and then the name will be incremented to the next available “name+number”. The password field is the password set in the
Listen dialog from the remote peer's Packet Tracer instance. When the fields are set properly, click on the Connect button.
When an incoming connection happens, you will be prompted (by default, but can be changed under Extensions > Multiuser > Listen) to accept this
connection. When the incoming connection has been accepted, a Multiuser session has started. Each peer will have a cloud for connecting a cable to
the remote user. This cloud can be thought of as a universal patch panel. Both users must establish a connection to this cloud to create a link between
two remote devices.
To create a link between devices, it is very similar to a normal connection, except the other user must also make the connection. Start by selecting a
connection type in the Device-Specific Selection Box, and create the link to your device on one end, and select the cloud on the other end. As with
clusters, automatic connections are not allowed with Multiuser clouds. When you click on the cloud, a popup list similar to the list of ports in a
device will appear. The first option will be Create New Link, and subsequent items will be available ports. Create New Link will connect your cable
to the cloud as one side of a cable run. If ports are available, it means the other user has cables connected to their end of the cloud and you may
connect to these ports. Connecting to one of these available ports will establish a fully connected cable between remote devices.
Although the cloud has so far been described as like a patch panel, it is not the same as a
real patch panel. For example, both sides of the remote links must use the same cable
type to work. A straight-through cable connected to a crossover cable will not result in a
crossover cable, similarly with a rollover cable as well. If user A's side of a serial cable
is a DCE, then on user B's side, the cloud end should be the DCE. With the Port
Visibility turned on for a port, if the remote peer connects to one of your Port Visibility
enabled ports, you will not need to create your end of the cable. It will automatically be
created for you. If the remote user deletes that link, it will delete your end of that link
also. However, if you delete your end of the link, the remote user's end will not be
automatically deleted.
Offline Saving
There are now two options for saving networks. The normal Save in the Menu Bar and Main Tool Bar will create a save file with only your network
and any remote peer connections will be saved as a remote peer connection. Offline Saving will save your network and remote peer networks as a
cluster into a single large network. Offline Saving is controlled by the Depth for Remote Saving that you set and the permission the remote user set.
Opening up a normal save file with a remote peer connection will cause Packet Tracer to attempt to reconnect these remote peer connections.
Opening up an offline saved network will be a regular network with clusters for remote peer networks. Offline Saving is useful to examine others'
networks or to use Simulation Mode.
When your instance of Packet Tracer is connected to a remote peer, you will not be able
to switch to Simulation Mode. When you attempt to switch to Simulation Mode, you
will be prompted to save an offline copy that is to be opened in a new instance of Packet
Tracer. Clicking Yes will cause Packet Tracer to use the current offline saving settings to
create an offline save and open it in a new Packet Tracer instance immediately. From
there, you will be able to use Simulation Mode to examine packets in detail.
IPC (Inter-Process Communication)
The IPC (Inter-Process Communication) feature controls an external programming extension for Packet Tracer that enables external applications
(ExApps) to be added to Packet Tracer to extend its functionality. ExApps are being created by Cisco and other interested groups for use in the
Academy Program. An example ExApp use case might include a program that can automate the task of remotely sending and receiving activity
assessments between students and instructors. Because of the control that the IPC provides in relation to the ExApps, it greatly expands the
capabilities that Packet Tracer can provide without having to wait for the actual Packet Tracer core program to be enhanced.
Configure Apps
The Configure Apps dialog allows you to Add, Remove, and Launch ExApps from the Apps List. To add an ExApp, click on the Add button and
then open the ExApp's App Meta File (*.pta). The default directory to store ExApps is in the extensions directory in the Packet Tracer directory. To
remove an ExApp, select the ExApp from the Apps List and then click on the Remove button. To manually launch an ExApp, select the ExApp from
the Apps List and then click on the Launch button.
In the Description tab, you can view various information about the ExApp such as its description, version number, the ExApp author's name, the
ExApp author's contact info, and the path of the ExApp's executable.
In the Settings tab, you can change how the ExApp launches. You can set it to On Startup, On Demand, or Disabled. If the setting is set to On
Startup, when a Packet Tracer instance launches, the ExApp will launch as well. If the setting is set to On Demand, Packet Tracer will launch the
ExApp when a file indicates to load it or another ExApp launches it. Otherwise, if the startup option is set to Disabled, Packet Tracer will not accept
connections from this ExApp and the ExApp will need to be launched manually.
In the Security tab, you can view the ExApp's Security Privileges which are determined by the ExApp itself and cannot be changed manually.
Show Active Apps
In the Show Active Apps dialog, you can view a list of active ExApps and disconnect them from Packet Tracer. To disconnect an active ExApp,
select the 32 hexadecimal UUID (Universally Unique Identifier) enclosed in the curly brackets associated with the active ExApp then click on
Disconnect. For example, in the screenshot below, the UUID for the UPnP ExApp is da7df6ee-4709-4380-ba25-4e27cc374ae4.
Options
In the Options dialog, you can change the Listen Port Number of the Packet Tracer instance. By default, IPC uses TCP port 39000. You may
change the Listen Port Number to any available port. Also, each new instance of Packet Tracer on the same machine will use the next available port.
You may also toggle the Allow Remote Applications option which allows remote ExApps to connect and communicate with the Packet Tracer
instance on the local machine. You may also toggle Listening by either clicking on the Stop Listening or Start Listening buttons. To prevent the IPC
from listening when Packet Tracer launches, uncheck the Always Listen On Start option.
Log
The Log dialog allows you to view debug messages output from active ExApps. To clear the log, click on the Clear button.
Script Modules
Script Modules are independent entities that add new functionality to Packet Tracer similar to External Applications (ExApps). But unlike ExApps,
Script Modules run within PT rather than as external processes, and therefore, provide better integration with PT. Also unlike ExApps, Script
Modules are developed directly in PT with no external development environment needed. While the basic components of Script Modules are not new
-- PT already has had a script engine, web views, and IPC in various internal components for some time, Script Modules simply unite them and
provide a generic way to extend PT functionality.
Illustrated above is an architectural view of PT's run-time components showing that Script Modules are running inside the PT process. Script
Modules communicate with the PT core the same way that ExApps communicate with PT, using Inter-Process Communication (IPC) calls. The IPC
framework in PT has been extended to allow direct object manipulation, using objects in calls, event callbacks, and delegates. Script Modules and
ExApps can also talk to each other using the PT messaging mechanism between ExApps.
Model - PT engine and GUI accessed via IPC, Script Module data store, and save data in each pka/pkt file
Each Script Module has its own sandbox, and cannot access or change the sandbox of other Script Modules.
Types of Script Modules
There are two places where Script Modules can exist, and so they are named appropriately.
PT Script Modules are encrypted .pts files. They are like ExApps, added to PT by the user (or auto-detected during PT launch), and they
persist as long as PT is running. They can be started or stopped manually, started on PT launch, or on demand.
The File Script Module is contained inside each pka/pkt file. When the pka/pkt file opens, the Script Module starts; when the file closes, the
Script Module stops. The File Script Module is backwards compatible with activity files before 5.3.3 -- scripts in these pka files are loaded into
the File Script Module.
The following table is a summary of differences between the two types of Script Modules:
Manage Add/remove in Extensions->Scripting->Configure Open the pka/pkt file, and go to Extensions->Scripting->Edit File Script
PT Script Modules... Module...
Start
On PT start On file open
Disabled
If a user does not feel safe with the If denied, the pka/pkt file may still open but not function correctly or may
requested privileges, the Script Module can be be prevented from opening. The File Script Module developer decides which
removed action
Script Modules - Scripting Interface
The Scripting Interface is the Script Module development environment inside PT. This is extended from the Scripting page in the Activity Wizard. If
editing a File Script Module, open the pka/pkt file in PT, and go to Extensions->Scripting->Edit File Script Module to bring it up. If editing a PT
Script Module, go to Extensions->Scripting->Configure PT Script Module, add it to PT, and click the Edit button. If creating a new Script Module,
go to Extensions->Scripting->New PT Script Module.
The Scripting Interface is divided into 6 parts, and the Script Module developer would generally use them in the following order.
Info Tab
The first screen after entering the Scripting Interface gives some basic information about Script Modules and the general steps to create a Script
Module. It also provides actions associated with each step. The first step is to select a Script Module template. The templates will include Script
Modules that PT ships with, such as the PC software/services interface, chat, and visualization modules, as well as others. This can help developers
get a jump-start on a new Script Module, or it can be used to undo their changes if they make too many mistakes. This replaces the Defaults button in
the Activity Wizard Scripting page.
General Tab
The General tab is used to fill out information about the Script Module. The Info fields at the top of the page are for identifying and describing the
Script Module. The ID should be unique, and is used for saving, messaging, as well as many other important functions in PT. Because Cisco or PT
cannot guarantee the uniqueness of IDs, we recommend using the hierarchical naming pattern, for example: com.yourcompany.scriptModule1. The
password fields are used to lock the Script Module so other people cannot see or edit the Script Module. If the file saved is an activity file, the
activity password is used instead.
Startup
The Startup configuration section defines how the Script Module will start up.
If this is a PT Script Module:
On Startup: when PT starts, the Script Module will start.
On Demand: starts in the following cases:
a file opens and it has save data for this Script Module
a web view is loading one of the custom interfaces in this Script Module
a message from another Script Module or ExApp is destined to this Script Module
Disabled: the Script Module will not be started under any cases.
A File Script Module will always start when the file opens.
Security Privileges
The security privileges indicate which IPC calls this Script Module can make. Calls to unselected privileges will be denied. A developer should select
only the privileges required for this Script Module to run. Selecting more than the required privileges may lead users to think this Script Module is
doing more than described and it could be seen as a malicious Script Module.
After adding a Script Module, the user can look at the security privileges required, and may remove the Script Module if s/he feels unsafe about the
requested privileges.
When a pka/pkt file containing a File Script Module is loaded, the user will be prompted to allow it to run. If the user does not allow the script to run,
one of the following actions will take place as defined by the developer:
Continue loading the file - this may lead to a nonfunctional file because none of the IPC calls are allowed now; this may be desirable if the
developer still wants the file contents like the network to be accessed by the user.
Stop loading the file - this will make sure the file loaded will have access to the requested privileges; this is useful for example, a time
expiration for a pka/pkt file.
Script Engine Tab
This tab is used to add, remove, edit, rename, import, and export script engine files. Script engine files are scripts written in ECMAScript (Javascript)
language. The text editor allows editing the selected file in the Scripting Interface. Or if the developer chooses, s/he can edit the files in an external
editor using the #include preprocessor directive. The #include directive loads external files inline into the script engine files. Each script file can
include multiple external files. However, the included external files cannot include a reference to another external file. The Script Module only
resolves the first level of included external files to prevent file inclusion loops. When saving or exporting a Script Module with the #include directive,
it will prompt the developer to resolve and expand them inline. This should be done before distributing the pts file so only the pts file needs to be
distributed. But for the developing version, it should not resolve them so the developer can continue to use external editors to edit external files.
#include "chat.js"
The Script Engine tab also has some feature buttons to make debugging a Script Module easier. These feature buttons are:
Run File - runs (evaluates) the currently editing file in the script engine; this makes it easier to load new values and behavior into the script
engine without having to stop and start the Script Module; but be careful with this action because the script engine can now be in an unstable
state.
Each Script Module has one instance of a Qt Script Engine. A Script Module can contain multiple script files written in ECMAScript language
(JavaScript). When the Script Module starts, all script files are executed (evaluated) in the Script Engine in the same order as listed in the Scripting
Interface. As long as the Script Module is running, the Script Engine is running. Script Module logics should be coded in these files.
When the Script Module starts, it will call the main() function defined in the Script Engine. Setup code for this Script Module should be placed in
this function, such as adding menu items, registering for events, launching extra web views, locking GUI, etc.
When the Script Module stops, it will call the cleanUp() function defined in the Script Engine. Clean-up code should be placed here, such as
removing menu items, unregistering for events, closing any web view created by this Script Module, unlocking GUI locked by this Script Module,
etc.
Changes made to the Script Engine after it has started DO NOT take effect until it has been stopped and started again. The Run File button in the
Scripting Interface can be used to make changes to the Script Engine during run-time as described in a previous section.
The Script Engine has access to the IPC and to custom interfaces in web views as described in later sections.
IPC Access
A main part of the Packet Tracer model is the PT engine and GUI. They can be accessed via IPC calls the same way ExApps can access them.
Although they are not considered IPC calls since Script Modules are in the same process as PT, we will still use the term IPC to refer to the API that
PT exposes. Each Script Module has a set of security privileges that it requests before it can make any IPC calls to PT.
The complete IPC API reference is located at the Packet Tracer Community. They are declared in .pki files. Each file contains the declaration of an
interface, data, or PDU. An interface is a class that associates to a PT core object that the Script Module can manipulate (make calls and receive
events). Data is a data structure that is returned to the Script Module. Once returned, the data does not associate to any object in PT core. A PDU is a
special type of data that describes a frame, packet, or other PDU types that PT simulates.
IPC calls can be made from the Script Engine or in web views. The main IPC object is ipc, which is the same as the IPCFrameWork in C++ IPC
Framework, or the IPC interface in CMainParser.pki.
Direct IPC calls
Now with better integration, we can do:
var ip = ipc.network().getDevice(deviceName).getPort(portName).getIpAddress();
Object Manipulation
We can also assign objects to variables, IPC calls return objects, and pass objects as arguments into IPC calls:
var device = ipc.network().getDevice(deviceName);
var port = device.getPort("FastEthernet0/0");
port.setPower(true);
port.setIpSubnetMask(ip1, mask1);
...
var otherPort = port.getLink().getOtherPortConnectedTo(port);
otherPort.setPower(true);
otherPort.setIpSubnetMask(ip2, mask2);
Events
Events use the same process as in ExApps. If the Script Module wants to be notified when an event in PT core happens, register to it first. But with
Script Module, events are handled easier and more directly:
// register an event to callback a method of an object
port.registerEvent("ipChanged", obj, obj.callbackFunc);
The callback function should always have the same function prototype:
callbackFunc = function(src, args) { ... }
The src argument is always an object that has three members: className, objectUuid, and eventName. They describe the source of the event. The
args argument is an object, but depending on the event, it would have different members. The members are the variable names in the pki event
definition.
For example, the IpChanged event for HostPort.pki
event: ipChanged(ip newIp, ip newMask, ip oldIp, ip oldMask) - PrivGetNetwork;
Delegates
A new type of communication is also added to the IPC just for Script Modules -- delegates. When there is functionality that PT wants Script Modules
to implement or supply, it will send that request to its delegates. Delegates are like events, except they return values back to the one sending it. They
are added in pki files:
delegate#one: bool processData(QString data, ip srcIp, int srcPort) - PrivChangeNetwork;
With delegates, we are able to extend PT functionality in the core, such as adding new protocols, reacting to GUI events, and suppressing default
behavior (future feature).
Script Modules cannot run multiple instances like ExApps do, and so the sendMessageToInstance() call is not intended for Script Modules.
In order to receive messages, the Script Module needs to register to the messageReceived event.
ipc.ipcManager().thisInstance().registerEvent("messageReceived", null, onMessage);
Web Views
Web views are using the QtWebKit functionality to render HTML5. Script Modules use web views to create custom interfaces in PT. It can include
html, css, images, and js files. See Custom Interface tab in Scripting Interface in a previous section.
Each Script Module has a Web View Manager, which allows multiple web views. Each web view is owned by only one Script Module; no two Script
Modules can own a web view at the same time. Web views can access IPC calls the same way as in the Script Engine, with the exception that events
and delegates are not supported in web views.
In Script Engine
// create a new web view with width and height and assign it to a variable
var newWebView = webViewManager.createWebView("window title", "http://www.cisco.com", 600, 400);
newWebView.show();
...
// change url
newWebView.setUrl("http://cisco.netacad.net");
Other calls to manipulate the web view are also available, such as change title, size, window flags and modality.
The Script Engine can also ask a web view to evaluate a JavaScript statement.
In Script Engine
newWebView.evaluateJavaScript("alert('hello')");
This method is the main way for the Script Engine to talk to web views -- ask the web view to evaluate JavaScript statements to show some interface
changes. An evaluateJavaScriptAsync() function should be used for calls that initiate from a different thread than the main GUI's and the evaluate
statements may change the GUI. For example, when a process receives a packet, and it needs to change a web view, it should use the
evaluateJavaScriptAsync() function.
Web views can also communicate with the Script Engine, using the $se() built-in function.
In Script Engine
function doSomething(argInt, argStr, argBool)
{ ... }
In Custom Interface
<html>
...
<script>
function onClick()
{
// call doSomething function in Script Engine with 3 arguments
$se("doSomething", 1, "some string", true);
}
</script>
...
</html>
Each web view has a webView variable that is the IPC object of itself. It can use it to change its own properties.
In Custom Interface
<html>
...
<script>
function onClick()
{
webView.setUrl("http://www.cisco.com");
}
</script>
...
</html>
There might be cases when the custom interface asks the Script Engine to do a task, and upon completing the task or on event, the Script Engine calls
back a function in the custom interface. Because there can be multiple web views owned by the Script Module, we need a way to identify the
different web views. Each web view has a web view ID that it can pass to the Script Engine along with the name of a function call. The Script Engine
can use this ID to look up and call the function in that web view.
In Custom Interface
<html>
...
<script>
$se("doSomething", webView.getWebViewId(), "callbackFunc");
...
function callbackFunc(argInt, argStr)
{ ... }
</script>
...
</html>
In Script Engine
function doSomething(webViewId, callbackFunc)
{
...
var webView = webViewManager.getWebView(webViewId);
$wvca(webView, callbackFunc, 123, "hello");
}
There are function shortcuts for web view's evaluateJavaScript() and evaluateJavaScriptAsync(). They are $wvc() and $wvca() respectively. Their
first argument is the web view object.
Custom Interface URL Scheme
To point a web view to a custom interface in Script Modules, use this scheme: scriptModuleID:customInterfaceID. There are two predefined Script
Module IDs:
It can also point to a custom interface in a different Script Module by using the other Script Module's ID: net.netacad.cisco.PcChat:chat.htm.
In Script Engine
webView.setUrl("this-sm:Interface0.htm");
...
webView.setUrl("net.netacad.cisco.PcChat:chat.htm");
In Custom Interface
<a href="this-sm:Interface0.htm">htm in this Script Module</a>
<a href="file-sm:Interface0.htm">htm in the File Script Module</a>
<a href="net.netacad.cisco.PcChat:chat.htm">htm in another Script Module</a>
If the target link is in the same Script Module, the ID can be omitted.
In Custom Interface
<a href="Interface0.htm">htm in this Script Module</a>
After pointing a web view to load a custom interface in another Script Module, this Script Module no longer owns the web view, and will not have
access to the web view any more. This is to enforce the sandbox for each Script Module and to prevent hijacking of web views after the page goes to
a different Script Module.
Images, css, and js files should be imported to the Script Module's Custom Interface using the Import button. Once resources are imported, the
custom interface can load them using standard HTML tags. External resources may not be resolved if an absolute path is not supplied.
In Custom Interface
<html>
...
<link type="text/css" href="jquery-ui-1.8.7.custom.css" rel="stylesheet" />
<script type="text/javascript" src="jquery-1.4.4.min.js"></script>
<script type="text/javascript" src="jquery-ui-1.8.7.custom.min.js"></script>
...
</html>
Device Dialog
Each device dialog has a new tab with a web view that has direct access to the device. It has a device variable built-in that is the device's IPC object.
So, within this web view, the custom interface can do the following.
In Custom Interface
<html>
...
<script>
device.getPort("FastEthernet").setIpSubnetMask("1.1.1.1", "255.0.0.0");
</script>
...
</html>
The default custom interface to render in each device's dialog can only be selected using the PT GUI. However, once a Script Module has ownership
of the device dialog's web view, it can use setUrl() in the Script Module code to change the custom interface. The PT GUI allows changing the device
dialog custom interface for this file only or for the PT globally. Go to Extensions->Scripting->Config File Custom Interface for this file, and
Extensions->Scripting->Config Global Custom Interface or go to Custom Interfaces tab in Options->Preferences for the PT globally.
PT is packaged with a PcSoftware Script Module for the PC device dialog's Software/Services tab similar to the one in Cisco Aspire Game. It also
comes with a separate Script Module for a new feature, PcChat, to be added to the main page of the PcSoftware Script Module. Because Script
Modules work in a sandbox and cannot see or change anything about another Script Module, we send messages from PcChat to PcSoftware to
register itself when it starts.
Software in Script Modules developed by others can do the same and add themselves to the PC's Software/Services automatically.
Script Modules - Data Store
The data store is the other part of the model in the Script Module. The data store has a list of data files, in json, xml, csv, or any plain text format.
They can be treated as files or as a hash table. Data can be added when developing the Script Module. It can also be added, removed, and edited
dynamically during run time by the Script Module. They are saved in the PT options file for persistence because the user may not have write access
to the pts file, and a way is needed to save the dynamic data. The data is also saved when a Script Module is edited and saved. Use the $putData(),
$getData(), and $removeData() built-in functions.
$putData("helloData", "hello world");
var data = $getData("helloData");
$removeData("helloData");
When the pka/pkt file opens, PT will send the data to the Script Module if it has registered to the onOpen event.
ipc.ipcManager().registerEvent("onOpen", null, onOpenCallback);
...
When the pka/pkt file opens, before sending the data to the Script Module, PT also checks if the Script Module has started. If not, it will start the
Script Module if it is not set to disabled.
Script Modules - Data Store
The data store is the other part of the model in the Script Module. The data store has a list of data files, in json, xml, csv, or any plain text format.
They can be treated as files or as a hash table. Data can be added when developing the Script Module. It can also be added, removed, and edited
dynamically during run time by the Script Module. They are saved in the PT options file for persistence because the user may not have write access
to the pts file, and a way is needed to save the dynamic data. The data is also saved when a Script Module is edited and saved. Use the $putData(),
$getData(), and $removeData() built-in functions.
$putData("helloData", "hello world");
var data = $getData("helloData");
$removeData("helloData");
When the pka/pkt file opens, PT will send the data to the Script Module if it has registered to the onOpen event.
ipc.ipcManager().registerEvent("onOpen", null, onOpenCallback);
...
When the pka/pkt file opens, before sending the data to the Script Module, PT also checks if the Script Module has started. If not, it will start the
Script Module if it is not set to disabled.
Script Modules - Custom UDP Processes
With Script Modules, instructors and students can now develop and add new protocols to PT. They are called custom processes and for now, PT only
supports custom processes on top of UDP.
Create
The process can be created and started as follow:
// create the custom process on the device
var process = device.getProcess('UdpProcess').createCustomUdpProcess();
Send Data
It can send data, but only supports a text payload right now.
// send data to IP and UDP port
process.sendData("text data", "1.1.1.1", 1234, null, null);
The last argument in sendData() is the outgoing port. If null, the lower processes, such as routing process on routers, would decide the outgoing port.
Or it can be supplied:
// send data to IP and UDP port and FastEthernet port
var outPort = device.getPort("FastEthernet");
process.sendData("some data", "1.1.1.1", 1234, null, outPort);
The second to last argument in sendData() is the frame instance. It is used in Simulation Mode to show the PDU color and details, such as what
decisions are made on the PDU. There is currently no representation of the PDU format in PDU Details.
// create a frame instance with color and destination
var frameInstance = process.createFrameInstance(0xff0000, "1.1.1.1");
Receive Data
When the custom UDP process receives a packet, it would use the delegate mechanism to have a Script Module do custom processing with the
packet. First, the Script Module needs to register for the delegate, and then in the delegate function, process the data.
// register for the processData delegate
process.registerDelegate("processData", null, processData);
Changes made to the Script Engine after it has started DO NOT take effect until it has been stopped and started again.
A web view can only be owned by one Script Module at a time. When a Script Module points a web view to a custom interface in another
Script Module, it transfer the web view's ownership to the other Script Module, and will no longer have access to it.
Local resources for custom interface such as images, css, and js files should be imported into the Custom Interface tab. External resources
may not be resolved if an absolute path is not supplied.
Editing a Script Module does not save it to disk until you click on Save in the Scripting Interface for PT Script Modules, or File Save for File
Script Modules.
Script Modules need to clean up when stopping by placing clean-up code in the cleanUp() function. Menu items added, web views created,
GUI locked, and anything else done at or after the Script Module started should be cleaned up.
Data store files of all Script Modules are saved in PT options. They are not saved to the pts file unless the user edits the Script Module and
saves it to pts file.
JavaScript statements to web views that may change the GUI, such as alert popups, layouts, HTML element changes should use
evaluateJavaScriptAsync(). Using evaluateJavaScript() may crash PT.
After creating a new web view, show() needs to be called in order to show the web view.
To check a PDU from the user's working network, use AssessmentModel.getPDUStatus("Scenario Name", index). If the user's PDU is a
periodic PDU, you must stop it first, otherwise the status will always be "In Progress". To stop it, use
AssessmentModel.stopPeriodicPDU("Scenario name", index).
JavaScript's setTimeout(), setInterval(), clearTimeout(), and clearInterval() are supported in both the Script Engine and web views.
Use AssessmentModel for activity file related calls. See API for reference.
setExclusive() in CIpcManager.pki affects both ExApps and Script Modules. Once an ExApp or Script Module makes this call, all other
ExApps and Script Modules will be disconnected.
There are over 300 Packet Tracer .pka files that exist embedded in the Discovery and Exploration courses. They are also packaged for instructor
convenience in the Tools section for a given course in Academy Connection. Included with this version of Packet Tracer are two ways to open files:
Open and Open Samples. The Open selection will access a local directory that you choose upon installation and can change through the Options >
Preferences > Administrative tab. The Open Samples choice will access a directory within the Packet Tracer installation directory, and includes
sample activities of some of the new protocols in this version of Packet Tracer.
There are also three ways to save files. The Save selection will access the directory you specified (in a Windows environment, in "My Documents"
typically. The Save As selection allows you to choose different directories at the time of the save. Finally, Save As Pkz creates a zip-like collection
of .pka files and associated graphics, templates, and other files to allow a more customized experience in an activity file. In the following sections,
we suggest four design patterns – approaches or problem templates for authoring your own .pka files: concept builders, skill builders, design
challenges, and troubleshooting. We encourage you to modify existing .pka files, share your own files, or write them from scratch using the extensive
new Activity Wizard features, following one of the four main design patterns, described in more depth below.
Concept Builders
Concept builders are model-building inquiries and investigations leading to student-created explanations and animations of networking concepts,
especially device algorithms and networking protocols. One intended use for Packet Tracer is for students to construct their own model or virtual
networks, obtain access to important graphical representations of those networks, animate those networks by adding their own data packets, ask
questions about those networks, and finally annotate and save their creations. The term "packet tracing" describes an animated movie mode where the
learner can step through simulated networking events, one at a time, to investigate the microgenesis of complex networking phenomena normally
occurring at rates of thousands and millions of events per second.
For example, a simple concept builder prompt might be "Illustrate the forwarding behavior of hubs" or "Demonstrate the filtering, forwarding,
flooding, learning, and aging behavior of switches." Other prompts might include: "Build a PT network that compares and contrasts the behavior of
hubs and switches," "How does switch behavior differ from router behavior?," and "Build a model demonstrating the behavior of ARP, ping, trace,
CDP, RIP, or EIGRP." More complex modeling might be prompted by "Model a network that you use at home or at work," "Illustrate the behavior of
ping with empty ARP tables on a LAN and across a WAN," "Demonstrate the building of RIP and EIGRP routing tables," or "Create a routing loop
with static routes and show how the TTL field of an IP packet launched into this loop is decremented."
Many users may want to model networks they encounter at home or at work. Though this is often limited by the current device and protocol feature
set of Packet Tracer, reasonably sophisticated models can be built. Model-building may be an effective way to learn many networking concepts, and
often leads to more questions and research projects. Concept building problems are probably best written as blank or partially completed .pkt files.
Given the open-ended inquiry nature of modeling, it is somewhat difficult to author an appropriate .pka file. Some instructors may want to give
students a pre-existing topology via a .pkt file and focus students on different packet scenarios; other instructors may want to focus students on
modeling a sequence of networks, from scratch, such as PC to PC, PC to hub, and PC to switch, and then on to more complex combinations of
switches, routers, and clouds. Some instructors have students present their Packet Tracer models to the class.
Skill Builders
Skill builders support algorithmic problem solving in support of the development of networking procedural knowledge. For example, simple skill
building problems can include having students complete hands-on practical labs in Packet Tracer before working on real equipment (as a pre-lab, or
what some call a lab entry ticket); after having worked on real equipment (as a post-lab review); or just for practice (similar to an e-lab, but without
as much structure). Within the limits of Packet Tracer modeling and supported command set, and often with some minor modifications required, IOS
configurations may be exported (as text files) for input into real switches and routers. Such configuration files may also be imported back into Packet
Tracer. Hence students might create and test their lab configurations before attending class, hopefully getting more out of their often limited time on
real equipment.
Skill builders can be as complex as Packet Tracer versions of hands-on skills exams. Skill builders may be authored as simple .pkt files with either
integrated or printed instructions (handouts). Skill builders may be also be authored as .pka files with the configurable components specified in the
grading tree. The use of the .pka activity timer is particularly relevant for skill building activities. For example, friendly competitions can be held to
see how well students have mastered configuration tasks.
Design Challenges
Design challenges are constraint-based problems with multiple correct solutions. They may range from very simple (devise a classful addressing
scheme for a network consisting of 2 PCs and 2 routers), to intermediate (devise a VLSM addressing scheme for a school with various classroom and
administrative subnet needs), to complex (doing large parts of semester case studies in Packet Tracer). Some instructors have students use Packet
Tracer to verify the functionality of IP addressing schemes they have designed. Design challenges are probably best done as blank or partially-
completed .pkt files: given the open-ended nature of many design problems it may be difficult to author a graded .pka activity because the current
version of the activity wizard, despite the variable manager, still has limited provisions for determining equivalence between the multiple correct
answers that often occur in design problems.
The physical mode of Packet Tracer (with its Inter-City, City, Office, and Wiring Closet views), ability to load background images, and a variety of
other annotation features (such as "i" boxes for network and scenario descriptions, customizable device names, place note tool, translatable GUI) may
also be relevant for contextualizing case-study type design problems. Some instructors have students create designs in Packet Tracer and defend them
in classroom design reviews before allowing students to implement them on real equipment.
Troubleshooting
Troubleshooting activities include diagnosing, isolating, and fixing the simulated network from a previously bugged network file. Troubleshooting
problems may range from simple (Ethernet speed and duplex mismatches, IP addresses on the wrong subnet, incorrect choices of cables, or missing
clock settings on serial interfaces) to complex (improper VLSM schemes, incorrect routing updates, multiple interacting network faults). Both .pkt
network files and .pka activity files may be effectively authored for troubleshooting-type problems. Precisely controlled troubleshooting situations
may be authored as .pka files with the configurable components specified in the answer network (grading tree) of the Activity Wizard. For example,
even very complex networks with thousands of potential configurable components can have a single bug introduced, and a .pka activity authored
which requires the student to diagnose, isolate, and fix that one bug to complete the activity. The use of the .pka-file activity timer is particularly
relevant for troubleshooting activities; for example, friendly competitions to see how efficiently students can repair a network.
Packet Tracer Translation Process
Packet Tracer supports semi-automated translation to all Unicode-supported languages. The first part of this guide explains the translation process for
the main application. The second part explains the process for translating the help files. A short FAQ guide is provided at the end of each part to
answer questions regarding the processes.
Overview
The translation process involves the translation of three separate parts of the program, each one with a small dependency on the translation of the
Main Application. The most important translation is the main application as described in Part 1. This will translate the interface of the program. The
help file screenshots depend on the translation of the main application in order to display the graphics in the translated language. The save files
reference the language files to use upon opening the program so that the program will display in the native language of the save file if available.
To standardize the language files, the naming convention for language filenames should follow ISO 639-2. Packet Tracer uses the Alpha-3 code for
representation of names of languages. A list of language names to code is defined here: ISO-639-2_values_8bits-utf-8.csv. An example of an
appropriate name is: "English_eng".
Have a subject matter expert, other than the translator, review the translation when it is complete
Allow for text expansion, words may need to be translated differently to accommodate limited space
Qt Linguist
Setup:
You can translate to another language or change/continue translations on a previously translated language file. If you are translating to a new
language, copy "template.ts" to "<new language name>.ts". Be sure that the <new language name> follows the ISO 639-2 standard defined in the
overview section above.
Instructions:
1. Open Qt Linguist.
4. Enter the text in the Translation text field and mark finish by pressing Ctrl + Enter. (See additional important notes below.)
5. Release the language file [File-->Release As…], from fromat type menue select All files (*) and save it as "<language name>.ptl" in the
"\languages" folder. Remember to save this project (the .ts file) by [File-->Save As…] as well as releasing it. The help files will reference this
project file.
6. Open Packet Tracer. In the Options-->Preferences, Interface tab, select the recently translated language and restart Packet Tracer.
2. Accelerators: The character "&" defines an accelerator key. An example of an accelerator is &File, pressing Alt-F on the keyboard is
equivalent to clicking on the file menu. When you are translating to another language, an accelerator key can be placed on any character, but
be sure to not use the same character twice.
3. Rich text: HTML tags may be used to manipulate the text shown on screen. Rich text is useful for certain language fonts that are too small or
too large.
FAQ:
Q1. Where do I find the "template.ts" file?
A1. It is located in the "languages" folder of the installation path for the application. Example: "C:\Program Files\Packet Tracer 5.2.1\languages"
Q2. Do I need to translate the whole file before I can see the results?
A2. To see the results at any point in the installation, just release the file and place it in the languages folder. Then select the language in the
Preferences window of Packet Tracer.
Q3. I have some network files (.pkt) and some activity files (.pka) that need to be translated. How do I go about translating those?
A3. To translate the content in the saved files (e.g., device names, information boxes, or activity instructions), you must open those files and edit
them in Packet Tracer.
A text editor (for example, Notepad++); however, it is recommended that you use an HTML editor (for example, Adobe Dreamweaver)
2. If Packet Tracer is not already using the desired language, go to Options->Preferences and change to the desired language. Also disable screen
reader support if not already done so. Restart Packet Tracer.
3. Click on the desired window to capture (e.g., the Activity Wizard Answer Network page).
4. Hold down the Alt key on the keyboard and press Print Screen on the keyboard.
6. Go to Edit > Paste to paste the screen capture into the new blank document.
8. Go to File > Save As and browse to the images directory (e.g., "\help\japanese_jpn\images\").
9. Save the image using the same name as the original screenshot and in the JPEG format (e.g., "activityWizard_answerNetwork_1.jpg").
Setup
Important: Make sure screen reader support is disabled while capturing the tutorials.
In the "\help\language" folder, replace all of the tutorials in the tutorials folder with the newly captured localized tutorials. More information about
using Adobe Captivate can be found in the help files for Captivate.
Translation Process
2. If Packet Tracer is not already using the desired language, go to Options->Preferences and change to the desired language. Also disable screen
reader support if not already done so. Restart Packet Tracer.
3. Start a new Project in Captivate and capture using the Demonstration mode.
5. Click the record button. You may follow the default installed English tutorials step by step or create your own if desired. It is advisable to
have another computer running the original tutorials if you wish to follow the originals.
6. After the tutorial is done, press the End key or whichever key was set to end the capture.
7. Save the project. Publish the project to the "help\language\tutorials\" folder using the same name as the original file.
The tutorial should now be translated. Repeat the process for the remaining tutorials.
Setup
Obtain the tutorial source from the Academy Connection forums.
Translating Captions
2. Go to File-->Open and choose the " .cp" file in the duplicate folder (i.e. "\help\japanese_jpn\tutorials") to translate.
3. Once "<tutorial title>.cp" file has been loaded, go to File-->Import/Export and choose Export movie captions.
4. Save the captions (you may be asked to overwrite the file, if so, accept).
7. Go to File-->Open and open the "<tutorial title>.doc" file that was exported in step 3.
8. Under the Original Text Caption Data and Updated Text Caption Data, translate the text content under those categories (both of them
should have the same text).
9. Once finished, save the word document and follow the instructions from the Compiling the Tutorial section below to implement the translated
captions.
1. With Captivate and "<tutorial title>.cp" still open from step 5 of the Translating Captions section above, go to File-->Import/Export and
choose Import movie captions.
2. Open the translated word document containing the caption from the Translating Captions section above.
4. Browse to the duplicate folder (i.e. "\help\japanese_jpn\tutorials") if the directory is not pointed there.
5. Click on Publish (you may be asked to overwrite the tutorial, if so, accept).
The tutorial should now be translated. Repeat the process for the remaining tutorials.
Frequently Asked Questions (FAQ)/Troubleshooting Guide
General Issues
1. My computer frequently crashes when I use Packet Tracer.
2. The program screen is cluttered with too many windows! I can't see the workspace.
3. What Cisco IOS version do the routers and switches support?
4. Can I learn the necessary information for CCNA certification just by using Packet Tracer?
5. Does Packet Tracer support all of the features found in Cisco devices?
6. When I make an entry into a text field (such as an IP address), how do I know it goes into effect? Is there an "Apply" button?
7. Can I create unlimited devices?
8. I cannot access the tutorial files.
9. May I distribute Packet Tracer to my students?
10. Why is Packet Tracer running so slowly?
11. Some text in the program is cut off or is not correctly displayed.
12. I have a saved topology from older version of Packet Tracer. Can I open it with this version of Packet Tracer?
13. What is the password to edit the included activities with Activity Wizard?
14. When I try to launch Packet Tracer in Ubuntu 6.10, the terminal gives a Fatal Arithmetic error.
15. I have a saved topology from this version of Packet Tracer. Can I open it with an older version of Packet Tracer?
16. How do I convert PKA files to a PKT file?
17. If I save my file in the default Packet Tracer saves directory in Windows Vista, the save file is found in another directory. However, if I choose
another directory, this issue does not occur.
18. When I try to launch Packet Tracer in Wine, Packet Tracer crashes.
19. On Ubuntu, if I try to create a custom device template, an error message pops up stating "Unable to write to file."
20. How can I save the PKA that I have opened in Activity Wizard to a different file (i.e. Save As)?
21. Is it possible to drag and drop a save file from my operating system inside Packet Tracer to load up the save file?
22. How come the Recent Files list is empty?
23. How do you create an activity PKZ file?
24. How do you modify a PKZ activity file?
25. When creating PKZ files, do I need to ensure all of the background images are in the same folder as the PKA/PKT file?
26. My display resolution is 1024 x 768 or lower. When I go to Simulation Mode and click on the Auto Capture / Play button, events are not
displayed in the Event List.
27. Why doesn't Packet Tracer display fonts properly in Linux?
28. Why does Packet Tracer stop abruptly when right clicking on the Windows taskbar and then selecting "Close Group"?
29. I can't seem to write options to the Packet Tracer installed folder using the function in Preferences.
30. How do I save images added to the cloud for the TV correctly?
31. What's the transparent bar at the bottom edge of the workspace and is there a way to get rid of it?
32. Packet Tracer looks bad in Ubuntu (fonts, layouts, buttons, etc.).
33. Ctrl+Break doesn't work on Linux.
34. All router config windows are closed without warning when closing the Preferences window.
35. Why can't I connect to another Packet Tracer instance using multiuser?
36. Why do upnp.exe and PTUpdater.exe not quit after I submit my online PT exam?
37. When I use the Save Offline Copy feature for Multiuser, sometimes the remote networks in the offline copy will not go up (i.e. link lights stays
red).
38. I do not see the arp, bandwidth, delay, and other commands for the 2960 Switch, as well as some other switches. Why are they missing?
39. I do not see the Hop Limit field in the PDU information window.
40. Why are the IPv6 Src/Dest address fields not taking up four rows each?
41. Why can you only use Courier and Courier New for the CLI text?
42. Why can't I close the LAN Multiuser Agent and WAN Multiuser Agent windows?
43. Why do parts of some PKA instructions get replaced by strange characters after it has been saved and reopened?
Specific Issues
1. In the Physical Workspace, the wiring closet does not display all of the devices I have created in the Logical Workspace.
2. If I turn off the ARP filter in the Event List Filters, does that mean devices won't build ARP tables?
3. Does Packet Tracer use the Spanning Tree Protocol?
4. How does loop-breaking process work in Packet Tracer? Why don't I have the option of viewing packets associated with the loop-breaking
process?
5. When I reset the network in Simulation Mode, why do some switch ports show amber link lights and stay that color?
6. Why does the command clockrate not work?
7. I created a ping packet in Simulation Mode and ran it. Why do I still see packets/frames (like CDP) running on the network after the ping process
is completed?
8. When I issue an extended ping, the parameters I am asked to fill in do not match an extended ping on a real device.
9. Why can't I access sub-interfaces on serial ports?
10. Why can't I test port connectivity with a command such as ping 192.168.1.5:80?
11. Does Packet Tracer support VTP?
12. I can't seem to add a secondary address to a port.
13. How does the Auto settings for bandwidth and duplex work on a port?
14. At the end of a simulation (after the last event), I viewed a device table (such as ARP or MAC) and saw that it was blank. Why is this?
15. Sometimes the CLI screen seems to display text incorrectly. For example, when activating an interface, the router prompt appears at the end of
the sys log message instead of a new line.
16. When I make the interface a trunk port in a interface sub-panel for the switch (under Config), the VLAN range is set to 1 to 1005 even though the
switch does not have that many VLANs set up?
17. When I turn off a router that has its link lights up and then turn it back on, why do the links remain down?
18. When I choose a tool from the Common Tools Bar (such as the Inspect tool), how can I cancel that tool or deselect it?
19. What's the difference between the Reset Simulation button and the Power Cycle Devices button?
20. When I use the Add Simple PDU tool to ping a router, the destination IP address is the Ethernet interface rather than the serial interface. What
determines the default destination interface for a ping?
21. When I have a static route and RIP configured on a router, why is it that the static route with an administrative distance of 1 is preferred over RIP
routes with an administrative distance of 120?
22. When I configure static NAT on a router and perform a ping, why does the router eventually lose the NAT translations after several successful
pings?
23. When I enter an EIGRP network command, such as network 192.168.1.0 255.255.255.0, the result should be network 0.0.0.0 255.255.255.0
instead. However, on a real router, the result is actually network 192.168.1.0.
24. When I try to do an extended ping in the CLI with a source IP address that doesn't belong to the device, it gives me an invalid source error
message.
25. In Simulation Mode, when I only have a single Event List Filter enabled, such as UDP, and then click on Capture / Forward, I get the message,
"The maximum number of events has been reached..." This is counter-intuitive since no events are shown in the Event List at all.
26. When a router doesn't have a next hop MAC address, it sends an ARP request and will drop the ICMP packet as well. Is this normal behavior?
27. When I save a configuration to the router NVRAM (wr mem or copy run start), the router does not save the configuration when Packet Tracer is
shut down. This only occurs if you save the topology.
28. When you use the same network/subnet on two different devices, the Cisco IOS CLI reports an error saying that the IP address conflicts with
another interface.
29. Which cable do I use to connect an Access Point to other networking devices?
30. What is the difference between the activity file (.pka) that I author and the activity file that I give to others?
31. Is it possible to import or open Packet Tracer activity files from a previous version?
32. What is the correct version for EIGRP? I have seen only two versions, v0 and v1. However, in the PDU Information Window, the version
reported is version 2.
33. In Simulation Mode, why do some devices/ports sometimes buffer frames and say the ports are sending other frames when there are no frames
shown in the Event List?
34. When creating multiple connections between the same two devices (e.g. trunking), the cables connected earlier may be hidden by the new ones.
How do I know how many cables are connected?
35. Using the Activity Wizard, how do I lock out the GUI configuration for routers and switches to force the users to use only the CLI?
36. What happens to the IP address of a device when I duplicate the device?
37. What is the limit for the number of wireless hosts and access points in the same coverage area?
38. When I create a template of a device with additional IOS images besides the default IOS image, only the default IOS image of the device appears
in the custom device.
39. Is Realtime mode exactly in sync with real world time?
40. Why, when I enable logging and configure devices in the CLI and then save the file, does the save file not save the log?
41. When I send a PDU over devices with multiple links between them, with one of the links shutdown, why does the PDU traverse the shutdown
link instead of the active link in Simulation Mode?
42. Why do I get two different average round trip times for the exact same pings in Realtime Mode and Simulation Mode?
43. When I issue the "clear ip route *" command in CLI, it doesn't clear the routing tables.
44. Why can't enable secret passwords be assessed reliably in activities?
45. I can add a WEP key that is out of the hex range for the Linksys router when I shouldn't be able to.
46. In the Event List filter window, why does unchecking HTTP filter have no effect when TCP is checked?
47. Why does the Inspect tool have no effect on the Linksys router?
48. When I telnet into another device, the config tab does not work.
49. Why do static routes with admin distances of 255 show up on the routing table?
50. Packet Tracer crashes when I have many instances of Packet Tracer opened.
51. How can configurations from Packet Tracer and real devices be used in activities to check enable secret and other passwords with service
password-encryption on?
52. Why are values in Config tab not changed when I have already changed them in console?
53. Why do HTTP packets still show up when I have the HTTP filter unchecked?
54. Why does Packet Tracer generate the same encryption string when the same password is entered more than once?
55. How do I add a graphic image of a topology in the activity instructions?
56. Why am I able to add and remove content from the activity instructions window when it should be read-only?
57. When I enter "show interface s0/0/0" in the CLI, the IOS output says "show interface s0/0/0" is an ambiguous command.
58. How come I cannot use Variable Manager for scoring with VLAN interface IDs (SVIs)?
59. Is there a way to speed up convergence of the network when I open a file? Sometimes my activity is graded incorrectly since the answer network
hasn't converged.
60. I cannot make a Multiuser connection between Windows and Linux machines.
61. I can still access the Config tab of a router or switch even if there is an enable secret password in the running configuration.
62. Is there a way to distinguish between outgoing and incoming Multiuser remote network clouds? Also, when I have an incoming Multiuser
connection, Packet Tracer creates a Multiuser remote network cloud if the name is incorrect.
63. When I try to set a variable value to Elemental Position in Variable Manager, the value sets itself to zero and cannot be changed to any other
position.
64. When I try to copy text from the CLI tab using "Ctrl + C", the output has unorganized text that can be dragged around.
65. How come I am able to enter negative point values for Assessment Items in activities?
66. Can a wireless PC associate to an access point that is from a Multiuser remote network?
67. When I try to create a loop on a switch by connecting a straight-through or cross-over cable to different ports on the same switch, I get a
connection error stating that "The cable cannot be connected to that port?"
68. How come when I have multiple wireless profiles in a wireless PC and then delete the wireless router that the wireless PC is currently associated
to, the wireless PC does not automatically associate to the other wireless routers that has a profile?
69. In Physical Workspace, sometimes the geoicons do not work correctly. For example, I am able to move the geoicons beyond the "border." Also,
the geoicon labels are sometimes detached from the geoicon itself after navigating between locations.
70. How come the output for various commands in Packet Tracer, such as "show ipv6 nat translations," is different from a real router?
71. When I click on Save Settings in the Applications & Gaming section in the Linksys GUI, the last item in focus does not save.
72. How come when I create a complex PDU, the Outgoing Port drop-down list does not contain any ports?
73. The Variable Manager Interface in the Activity Wizard Answer Network panel is too narrow.
74. When I have a router with 2 LANs (e.g. 192.168.1.1 and 192.168.2.1), a PC with an IP address in the 192.168.1.0 network can be pinged by a PC
in the 192.168.2.0 network even if the PC in the 192.168.1.0 network has the incorrect default gateway (e.g. 192.168.2.1).
75. When I copy and paste the entire "show running-config" output in Global Config Mode, some commands return "% Invalid input detected at '^'
marker."
76. When I undo a deleted device/link that was connected to a Multiuser remote network, Packet Tracer crashes.
77. When I delete a link to a Multiuser remote network, the link isn't removed from the Multiuser remote network.
78. Packet Tracer appears to be able to ping a default gateway that does not exist.
79. When I am configuring Frame-Relay, the "show running-config" shows that the encapsulation is IETF, but the "show frame-relay lmi" command
shows that it is Cisco.
80. The Linksys router icon looks too similar to the Cisco 1841 ISR icon.
81. When I create a new file, a registered IPC device creation event such as deviceAdded in the previous topology disappears.
82. Does Packet Tracer support SHA1 encryption?
83. The source IP address field does not appear in the Add Complex PDU dialog.
84. Where does the server device look for images to load pages with image tags from?
85. When routers exchange routes to the same route, their routes become possibly down after a while.
86. Where are the RADIUS and TACACS server configurations for the server device?
87. Why am I not able to move or control cables connected to Multiuser remote network clouds in Physical Workspace?
88. How do I navigate to a previous cluster level or Physical Workspace level?
89. When I close a device dialog while in Simulation Mode, the simulation resets.
90. Where is the Viewport feature located in Physical Workspace?
91. When I issue the command "show crypto map", the output differs from what I see on a real router.
92. When I do "show cdp neighbors" after loading a save file, not all neighbors are in the output, but the neighbors show up after a while.
93. If I move a device with a BendPoint or GroupPoint in Physical Workspace, the BendPoint or GroupPoint disappears.
94. Packet Tracer generated a configuration file on my computer's local user directory.
95. The Ethernet interface configuration dialogs in the GUI looks different from other types of interfaces.
96. When I try to issue CTRL + Shift + 6 + X on the keyboard to terminate a telnet session on a PC device, nothing happens.
97. The number of packets encapsulated and deencapsulated shown in the "show crypto ipsec sa" are not equal.
98. Sometimes when I view PDU details of STP packets, the PDU details would say SSTP Multicast Address instead of STP Multicast Address.
99. The MIB Browser does not have a horizontal scrollbar for the MIB tree so it is hard to navigate and view the tree.
100. Why do wireless end devices sometimes form random associations?
101. When I add a DNS resource record with the name in upper-case letters, Packet Tracer adds the name in lower-case instead.
102. Cables in Physical Workspace aren't redrawn correctly while resizing objects.
103. When I close the Preferences dialog, any other dialog that I have opened closes also.
104. When I click on the link lights on a cable, the connection detaches from the nearest connected device and I am able to make a connection with
the same cable again.
105. Switches are not able to detect a new route when an old route is down.
106. I was trying to create a device after clicking on the Place Note tool. The mouse cursor stayed as the Place Note cursor icon, instead of the Select
tool cursor icon. Why is it like that?
107. Frame-relay map statement is not accepted under interface mode. When I run the command to add a map it says "%Address already in map". I
get this message even after I delete the entry and try to add it again.
108. In the Activity Wizard, when I click on the close button on the Instructions window, the window gets minimized.
109. In a router or switch's CLI, sometimes when I type a password, "circles" or "asterisks" fail to appear while entering characters for the password.
110. Why are end devices with the Linksys WMP300N module able to connect to a Linksys router that operates in BG-Mixed mode?
111. Which types of wireless networks do the Tablet PC and PDA support?
112. I changed the time and date on an NTP server on a server end device. After closing the server device dialog, and reopening it, the time and date
reverted back to the previous settings.
113. When I try to ping a host that is connected to a Linksys router's LAN port, the ping fails.
114. Pressing Ctrl+A on the keyboard does not select all text in certain areas of the GUI.
115. Even though there is no power cord attached to an IP Phone, it still appears to be on.
116. When I hover over an end device that is supposed to be configured with a line number, the line number only shows when I open the Cisco IP
Communicator.
117. When I enter the command "mac-address H:H:H" in ephone configuration mode, I receive an invalid input error message in the CLI.
118. When I press the "Do" "Re" or "Mi" notes in the GUI of the phones, I don't hear anything.
119. I connected a cloud's Ethernet6 port to a router. When the cloud receives a DHCP packet, it does not send out to the Ethernet6 port. Why?
120. Why does Packet Tracer always do PAT when there is no overload command?
121. When I use the Copy from Answer Network function in the Initial Network panel of Activity Wizard, the variables from the Answer Network
do not get copied over.
122. When I try to copy and paste a Multiuser cloud, nothing happens.
123. When I try to create a multiuser connection while in Activity Wizard, an error message appears stating that "Cannot make multiuser connection
to this instance of Packet Tracer."
124. After I invoked the command "ssid test" from interface Dot11Radio0/3/0 on a router, there still seems to be some kind of wireless signal
detected on a wireless PC. Is this correct behavior?
125. When I switch from Realtime Mode to Simulation Mode, the time seems to shift forward.
126. When I press CTRL+C or CTRL+Shift+6 to terminate a traceroute, it doesn't work.
127. When I try to telnet to a switch from itself, the connection attempt times out.
128. Packet Tracer's CPU and memory usage increases when I have a network with many switches connected in loops.
129. When I leave the WEP key field blank on a wireless device and click on a button in the Config tab, the button remains depressed after I get the
WEP key cannot be empty error popup.
130. Why do the routing tables display the CIDR subnet mask such as /30 on routers connected by serial connections?
131. Why is the CPU usage from Packet Tracer so high sometimes?
132. Why do 1841 Routers not support voice commands anymore?
133. Why in Simulation Mode, CDP packets are shown even though they are not selected in the Event List Filters?
134. Why are the routing tables different when I reopen a file that involves route redistribution?
135. Why does the PC Web Browser not detect IPv6 addresses like aaaa:2::2 as a valid address?
136. When I tried to move a device inside a cluster in maximum zoom out mode, the move object popup is not aligned with the device.
137. When I changed the MAC address of the Fast Ethernet port on a PC, the IPv6 link local address doesn't change accordingly.
138. Why does PT print out "UUUUU" instead of "NNNNN" if a ping's source IP is beyond scope (source IP is a link local address and the
destination IP is beyond its LAN)?
139. When I copy a device inside a cluster, I cannot paste the device into a different cluster?
140. When I issue the command "show interface" on a router, the output shows that the line protocol is up even though it is the DTE interface and the
DCE interface has not been issued the clock rate command.
141. There is CLI for the frame relay cloud. The only option is to configure using the GUI.
142. When I author a PKA with variables in assessment items and then try to test my activity, certain assessment items such as the default gateway or
DNS server IP addresses are marked incorrect, even if the values are equal to the answer network.
143. After creating a complex network, clicking "reset simulation" does not clear ARP tables or DNS caches. Is this a bug?
144. In the activity wizard circling tool, how come some shapes do not grade correctly?
145. Can I add two wireless modules to an end device?
146. When I pasted in my commands to a router, the case is not preserved. For example, I pasted in "hostname R1" and PT changed it to "hostname
r1".
147. If I setup a network with two LANs, can one PC from one network ping another PC from the other network?
148. I cannot find "show device dialogue taskbar" in preferences anymore. Has it been removed?
149. Why can't I find any routing configuration on the 3560-24PS switch when I open my file in PacketTracer6.0?
150. When I setup a server with two NICs, and I setup a PPPoE dialer, the connection fails. Why is that?
151. When I mouse over Octal cables, it doesn't show much information. Why is that?
152. Why does PT crash when I test activity or load an activity with 0 sets of object locations?
153. Why are IPv6 Neighbor Discovery Protocol (NDP) packets are labeled as NDP instead of ICMPv6?
154. For IPv6 addressing, why don't we get a partial credit if we enter the prefix length correctly but with a wrong IPv6 address?
155. What should I expect to see on Netflow Collector GUI when it receives a flow that matches one of the flows that it has in the cache?
156. Why does the alert saying "Cannot write to file" sometimes appears when I save my scripts?
157. Why does the device show a default hostname in Packet Tracer 6.1 and not in previous versions?
158. Why does "standby version 2" always show up in the running configuration when HSRP is configured eventhough the command was not
entered?
159. Why does Packet Tracer fail to elect the correct root for (R)STP causing loops in the topology when a hub is in between two switches?
2 The program screen is cluttered with too many You can undock sub-windows by double-clicking on the title bar and move them away
windows! I can't see the workspace. from the workspace area. You can also prevent sub-windows from docking by holding
down Ctrl while moving them.
3 What Cisco IOS version do the routers and Packet Tracer uses simplified models Cisco IOS, using real Cisco IOS images as
switches support? references. The Cisco 1841 router supports Cisco IOS version 12.3(14)T7, 12.4(12), and
12.4(15)T1. The Cisco 1941 router supports Cisco IOS version 15.1(4)M4. The Cisco 2600
series routers support Cisco IOS version 12.2(28), 12.4(8), and 12.4(15)T1. The Cisco 2811
router supports Cisco IOS version 12.3(14)T7, 12.4(8), and 12.4(15)T1. The Router-PT
router supports Cisco IOS version 12.2(28). The Cisco 2901 router supports Cisco IOS
version 15.1(4)M5. The Cisco 2911 router supports Cisco IOS version 15.1(4)M5.
The Cisco Catalyst 2950 series switches supports Cisco IOS version 12.1(22)EA4 and
12.1(22)EA8. The Cisco Catalyst 2960-24TT switch supports Cisco IOS version
12.2(25)FX and 12.2(25)SEE1. The Switch-PT switch supports Cisco IOS Version
12.1(22)EA4. The Cisco Catalyst 3560-24PS switch supports Cisco IOS version
12.2(37)SE1.
4 Can I learn the necessary information for CCNA No. Packet Tracer is a tool to supplement the CCNA curriculum. Students can learn basic to
certification just by using Packet Tracer? intermediate router and switch configuration and see how packets are processed by
networking devices as they traverse the network.
5 Does Packet Tracer support all of the features No. The program supports a small subset of the features from Cisco devices. Please see the
found in Cisco devices? "Router IOS" or "Switch IOS" help pages. Packet Tracer uses simplified models of
networking protocols and Cisco IOS; you should always compare your results to those
obtained from real equipment.
6 When I make an entry into a text field (such as an Text field inputs are updated and applied as soon as they lose focus (e.g., when you click
IP address), how do I know it goes into effect? Is somewhere else on the screen). There are no "Apply" buttons.
there an "Apply" button?
7 Can I create unlimited devices? No. The number of devices is limited by the amount of free memory on your computer.
8 I cannot access the tutorial files. Pop-up blockers can stop the tutorial files from running. Make sure you have these disabled
when trying to view the tutorials.
9 May I distribute Packet Tracer to my students? Yes. Please distribute Packet Tracer to currently enrolled Cisco Networking Academy
Program students. If the distribution method is through a website, ensure that the website is
password protected. Refer to the "Copyrights" page for more information.
10 Why is Packet Tracer running so slowly? Does your system meet the minimum requirements? The minimum requirements, listed in
the help documentation, allow for the basic use of Packet Tracer in creating small- to
medium-size networks. It is recommended that you use a faster machine with more
memory to create large networks. You can turn off the Sound and Animation options to
increase performance.
11 Some text in the program is cut off or is not Packet Tracer by default requires that your system supports the Verdana font to display text
correctly displayed. correctly. Alternatively, you may change the fonts for dialogs, workspace/Activity Wizard,
and the general interface in Preferences under the Font tab.
12 I have a saved topology from older version of Most simple topologies will load from previous versions of Packet Tracer, however, Packet
Packet Tracer. Can I open it with this version of Tracer only offers limited backward-compatibility and not all files are guaranteed to open.
Packet Tracer?
13 What is the password to edit the included Instructors may obtain the password from the Packet Tracer forums on the Academy
activities with Activity Wizard? Connection website.
14 When I try to launch Packet Tracer in Ubuntu Ubuntu 6.10 is not supported.
6.10, the terminal gives a Fatal Arithmetic error.
15 I have a saved topology from this version of No. Forward compatibility of save files is not fully supported. An "Invalid File" message
Packet Tracer. Can I open it with an older version may appear if you have a save file from this version Packet Tracer and then try to open it in
of Packet Tracer? an older version Packet Tracer.
16 How do I convert PKA files to a PKT file? There are actually multiple "PKT" files inside an activity file.
To "convert" from a PKA to a PKT file:
1. Open the PKA
2. Go to Activity Wizard.
If you are interested in the Answer Network, go to the Answer Network section and click
on "Export Answer Network to File" and save it as a PKT.
If you are interested in the Initial Network, go to the Initial Network section and click on
"Export Initial Network to File" and save it as a PKT.
17 If I save my file in the default Packet Tracer This appears to be how Windows Vista handles saving items in the Program Files directory.
saves directory in Windows Vista, the save file is You can change the User Folder in Preferences to a folder that you have write permission
found in another directory. However, if I choose to.
another directory, this issue does not occur.
18 When I try to launch Packet Tracer in Wine, Wine is not supported. Please use the Linux version of Packet Tracer instead.
Packet Tracer crashes.
19 On Ubuntu, if I try to create a custom device If Packet Tracer is installed as root, then you need to run as root in order to write to
template, an error message pops up stating templates folder in the Packet Tracer directory. You can change the User Folder in
"Unable to write to file." Preferences to a folder that you have write permission to.
20 How can I save the PKA that I have opened in While in Activity Wizard, go to File -> Save As in the main Packet Tracer window and then
Activity Wizard to a different file (i.e. Save As)? save the PKA to a different file.
21 Is it possible to drag and drop a save file from my Currently, drag and dropping files into Packet Tracer is not supported.
operating system inside Packet Tracer to load up
the save file?
22 How come the Recent Files list is empty? Make sure that your User Folder in Preferences is set to the user folder on your computer.
23 How do you create an activity PKZ file? First create your PKA file as a normal PKA. Make sure all of your images and other files
that go along with the PKA is set in the initial network as necessary (and answer network
for completeness). Then, in the Activity Wizard, go to Test Activity and do a File -> Save
as PKZ. Include any extra files as necessary. This will save your PKA as a PKZ file with an
activity.
24 How do you modify a PKZ activity file? Open the PKZ file and go to Activity Wizard. Modify the activity as desired. Then go to
Test Activity and do File -> Save as PKZ.
25 When creating PKZ files, do I need to ensure all Yes. While creating the PKZ, add the PKT or PKA and any images from the same directory
of the background images are in the same folder as the images' path added in the PKT or PKA relative to the PKT or PKA file path.
as the PKA/PKT file?
26 My display resolution is 1024 x 768 or lower. Increasing the display resolution to 1280 x 1024 or higher will make the GUI appear
When I go to Simulation Mode and click on the properly.
Auto Capture / Play button, events are not
displayed in the Event List.
27 Why doesn't Packet Tracer display fonts properlyPacket Tracer uses fonts such as Verdana, Times New Roman, etc. which may not be
in Linux? installed on Linux distributions by default. All Linux distributions that do not have these
fonts installed need to install them first.
28 Why does Packet Tracer stop abruptly when right This is a Qt framework issue. When closing the group, all opened windows get a
clicking on the Windows taskbar and then simultaneous kill signal, and the current version of Qt (v4.4.3) does not call the
selecting "Close Group"? destructors/closeEvent() of the open windows. Therefore, widgets that depend on other
widgets to close first do not wait and Packet Tracer stops abruptly. A better solution is
expected in future Qt versions.
29 I can't seem to write options to the Packet Tracer Launch Packet Tracer as an administrator in order to write to a system folder where Packet
installed folder using the function in Preferences. Tracer is installed.
30 How do I save images added to the cloud for the The save file must be saved as a PKZ. While creating the PKZ, add the PKT and TV
TV correctly? images from the same directory as the TV images' path added in the PKT relative to the
PKT file path.
31 What's the transparent bar at the bottom edge of The bar is the Device Dialog Taskbar which makes device dialogs that are currently opened
the workspace and is there a way to get rid of it? more accessible. To remove the Device Dialog Taskbar, go to Preferences and uncheck
"Show Device Dialog Taskbar" under the Miscellaneous tab.
32 Packet Tracer looks bad in Ubuntu (fonts, Packet Tracer for Linux is built against the Qt 4.4.3 Commercial edition. As a result, for
layouts, buttons, etc.). systems without these libraries custom built on their system, we have included the libraries
as part of Packet Tracer to ensure Packet Tracer runs on their system. However, since the
libraries are not built against your particular system, the layouts, fonts, and general
interface may not match your system and therefore look bad. You can install your own Qt
libraries and link against them for Packet Tracer, however it is unsupported as the versions
may not match exactly and therefore bugs may be introduced.
33 Ctrl+Break doesn't work on Linux. Qt issue on Linux -- it doesn't capture the Ctrl+Break keys. A workaround is to use Ctrl+C
on Linux.
34 All router config windows are closed without This is the intended behavior.
warning when closing the Preferences window.
35 Why can't I connect to another Packet Tracer Please check the other Packet Tracer instance's IP address, port, and password. Packet
instance using multiuser? Tracer does not currently show an error message or indicator for incorrect password. Please
retype the password to make sure. This will be fixed in the next version.
36 Why do upnp.exe and PTUpdater.exe not quit This is an interaction issue between the PT exam, PT, and some Windows platforms. We
after I submit my online PT exam? have only experienced it on some Windows Vista machines. You can manually end these
two processes in Task Manager.
37 When I use the Save Offline Copy feature for When you save an offline copy, your local network and each remote network has its own
Multiuser, sometimes the remote networks in the Home City in Physical Workspace. If you have the option Enable Cable Length Effects
offline copy will not go up (i.e. link lights stays enabled in preferences, the connections may stay down if the connected cities in Physical
red). Workspace are far apart. A workaround to this issue is to go into Physical Workspace and
move the connected cities closer together or disable the option Enable Cable Length Effects
in preferences.
38 I do not see the arp, bandwidth, delay, and other The ports on the model themselves have these limitations.
commands for the 2960 Switch, as well as some
other switches. Why are they missing?
39 I do not see the Hop Limit field in the PDU The Hop Limit field has been renamed HL in Packet Tracer so that the value can be
information window. displayed without scrolling.
40 Why are the IPv6 Src/Dest address fields not Src/Dest IPv6 address fields are 128 bits but in PDU Packet Tracer shows them occupying
taking up four rows each? only one row because it is enough to hold the IPv6 address in text format.
41 Why can you only use Courier and Courier New Only fixed size fonts are supported for CLI text now.
for the CLI text?
42 Why can't I close the LAN Multiuser Agent and This is intentional. The LAN Multiuser Agent and WAN Multiuser Agent script modules
WAN Multiuser Agent windows? require frequent updates (keepalives) between the Multiuser server and clients in order to
operate. To close the windows, you will need to stop the script module(s). To do so, go to
Extensions menu > Scripting > Configure PT Script Modules then select LAN Multiuser
Agent or WAN Multiuser Agent and click on the Stop button.
43 Why do parts of some PKA instructions get For instructions that use HTML, entity codes must be used for some characters.
replaced by strange characters after it has been
saved and reopened?
Specific Issues
Question/Problem Answer/Solution
1 In the Physical Workspace, the wiring closet does
A wiring closet can have a maximum of three tables or racks. When closets become full,
not display all of the devices I have created in the
additional ones will be created automatically to accommodate more devices. When multiple
Logical Workspace. closets are created they are one on top of the other, so you must move the first one to see
the second and the third, etc.
2 If I turn off the ARP filter in the Event List No. The filters are for display purposes only and do not affect the actual function of the
Filters, does that mean devices won't build ARP network. The packets are in the network but are not visible. Note that while users new to
tables? networking may not want to display ARP packets, many behaviors involving Ethernet
(such as the first ping across a router being dropped while ARP is occurring) are not fully
explainable without reference to ARP.
3 Does Packet Tracer use the Spanning Tree Yes. Packet Tracer models Per Vlan Spanning Tree Protocol to break possible switching
Protocol? loops. When first loading files with switches, or routers with switchports, the Spanning
Tree Protocol will go through the different states on the ports before putting them in
forwarding state, indicated by an amber light. If this causes an annoying delaying, toggling
between Realtime and Simulation mode 3 or 4 times will decrease the delay caused by the
transition of states.
4 How does loop-breaking process work in Packet Layer 2 loop-breaking is done in STP. You can view these packets in Simulation Mode.
Tracer? Why don't I have the option of viewing Layer 1 loop-breaking is still done in a Packet Tracer proprietary protocol and converges
packets associated with the loop-breaking immediately.
process?
5 When I reset the network in Simulation Mode, The amber link light indicates that the switch port is not in STP forwarding state. STP takes
why do some switch ports show amber link lights over 30 seconds to put a port into forwarding state if there are no loops. A port may be put
and stay that color? in blocking mode and stay in amber color if the port is in a loop.
6 Why does the command clockrate not work? The term "clockrate" is not a documented Cisco IOS command. Use clock rate instead.
7 I created a ping packet in Simulation Mode and Routers and switches send out CDP frames every 60 seconds regardless of what packets
ran it. Why do I still see packets/frames (like you created yourself. If you do not want to see the CDP events, uncheck the CDP filter in
CDP) running on the network after the ping the Event List Filters. You can also disable CDP on the Cisco devices by using the Cisco
process is completed? IOS CLI. There are other protocols that periodically send out packets/frames without any
configurations, including STP and DTP.
8 When I issue an extended ping, the parameters I Some parameters, such as the following, are not supported:
am asked to fill in do not match an extended ping
on a real device. Sweep range of sizes [n]:
9 Why can't I access sub-interfaces on serial ports? Packet Tracer supports serial sub-interfaces for frame relay encapsulation only. HDLC and
PPP serial sub-interfaces are not supported in this version. In order to create a serial sub-
interface, the physical interface must be configure to use frame relay encapsulation first.
Then, in creating a serial sub-interface, the type (point-to-point or multipoint) must be
defined.
10 Why can't I test port connectivity with a Packet Tracer does not support this specific ping feature.
command such as ping 192.168.1.5:80?
11 Does Packet Tracer support VTP? Packet Tracer supports several commands relating to VTP domain, mode, password, and
version.
12 I can't seem to add a secondary address to a port. Packet Tracer does not support the ip address secondary command.
13 How does the Auto settings for bandwidth and The Auto setting enables auto-negotiation on the port of the device. When two ports are
duplex work on a port? connected and both have auto-negotiation on, the best connection settings will be
determined automatically and the link will be functional. The link will also be functional if
one port has auto-negotiation on and the other is set at Half Duplex. However, if the other
port is set at Full Duplex, the link will not be functional.
14 At the end of a simulation (after the last event), I Did you press the Capture / Forward button after the last event occurred? The ARP table
viewed a device table (such as ARP or MAC) and clears after the end of the animation because after the last packet, the only timers left are
saw that it was blank. Why is this? ARP entry timeout timers. Because the Capture / Forward button advances in time to the
next event (but there are no more future packets), the ARP entry timeout timer will expire.
Thus, the ARP table becomes empty. This is similarly true for MAC tables.
15 Sometimes the CLI screen seems to display text There is a no line break after the interface status messages because that is how it is
incorrectly. For example, when activating an displayed on real devices. However, note that the Packet Tracer status messages are
interface, the router prompt appears at the end of displayed immediately after the event occurs. Real devices may have a delay of about 1
the sys log message instead of a new line. second.
16 When I make the interface a trunk port in a In Packet Tracer as well as on real equipment, the switch allows all VLANs (1 to 1005) on
interface sub-panel for the switch (under Config), a trunk port by default, even if the VLAN does not actually exist on the switch. From the
the VLAN range is set to 1 to 1005 even though drop-down menu, you can view the VLANs that do exist and block (uncheck) them from
the switch does not have that many VLANs set the trunk. However, you cannot block VLANs that do not exist. This action does not affect
up? the switch functionality. It is simply a way to display VLANs (or a range of VLANs) that
the trunk supports.
17 When I turn off a router that has its link lights up By default, router ports are in a "shutdown" state unless the no shutdown command has
and then turn it back on, why do the links remain been issued. When a router is turned off and then on, it reads the startup-config file for
down? configuration information. If the router contains no saved startup configuration that
included the no shutdown command on a port, that port will not come up automatically.
18 When I choose a tool from the Common Tools Press the Esc key or click on another tool in the Common Tools Bar.
Bar (such as the Inspect tool), how can I cancel
that tool or deselect it?
19 What's the difference between the Reset The Power Cycle Devices button does everything the Reset Simulation button does in
Simulation button and the Power Cycle Devices addition to power-cycling devices that are powered on. Reset Simulation impacts the
button? display and animation of already captured packets but not change the actual state of the
networking devices.
20 When I use the Add Simple PDU tool to ping a The Add Simple PDU tool is a quick way to create PDUs. The source device does not
router, the destination IP address is the Ethernet specify a source interface. It uses the outgoing interface as the source interface. The
interface rather than the serial interface. What destination IP address is chosen to be the first interface with a set IP address on the
determines the default destination interface for a destination device. The order of the interfaces is the same order as displayed in the show
ping? running-config and show interfaces commands.
To specify the destination address manually, use either the CLI or the Add Complex PDU
tool. Both of these allow for configuration of the outgoing interface and destination IP
address of the source device.
21 When I have a static route and RIP configured on Packet Tracer is modeled from real routers, in which a static route with a smaller
a router, why is it that the static route with an administrative distance is preferred over RIP routes. Instead of using the default
administrative distance of 1 is preferred over RIP administrative distance of 1 for the static routes, you can try using an administrative
routes with an administrative distance of 120? distance larger than 120 so that RIP routes would be installed in the routing table when they
are available and static routes would be installed if RIP routes are not there.
22 When I configure static NAT on a router and The ICMP NAT entries timeout in 1 minute. So, if 1 minute has passed either in Realtime
perform a ping, why does the router eventually or Simulation Mode, the NAT entries generated by ICMP packets would be removed from
lose the NAT translations after several successful the NAT table.
pings?
23 When I enter an EIGRP network command, such The network command for EIGRP should accept a wildcard mask for the second argument,
as network 192.168.1.0 255.255.255.0, the result as stated in the help command network 192.168.1.0 ?. So, the command network
should be network 0.0.0.0 255.255.255.0 instead. 192.168.1.0 0.0.0.255 means the network 192.168.1.0/8. However, this command is
However, on a real router, the result is actually inconsistent with the help command in which network 192.168.1.0 255.255.255.0 also
network 192.168.1.0. means the network 192.168.1.0/8. Packet Tracer implements the command like a real
router.
24 When I try to do an extended ping in the CLI This is how extended ping works. You can only specify an IP address on the device as the
with a source IP address that doesn't belong to the source address. Otherwise, it gives an error.
device, it gives me an invalid source error
message.
25 In Simulation Mode, when I only have a single The Event List Filters are not connected to how events are captured. Even if nothing is
Event List Filter enabled, such as UDP, and then checked to display, Packet Tracer still captures everything. So, after capturing 500 events,
click on Capture / Forward, I get the message, Packet Tracer will show that message. However, the last part of the message says that the
"The maximum number of events has been user can adjust the Event List Filters to see previous events.
reached..." This is counter-intuitive since no
events are shown in the Event List at all.
26 When a router doesn't have a next hop MAC Yes. When a router does not have the next hop MAC address, it will send an ARP request,
address, it sends an ARP request and will drop the but will also drop the packet. It does not buffer the packet and wait for the ARP reply to
ICMP packet as well. Is this normal behavior? come back because that could cause considerable performance decreases if there are a lot
of pending ARP entries.
27 When I save a configuration to the router Yes. Saving the configuration to NVRAM only saves to the current file. You have to save
NVRAM (wr mem or copy run start), the router the topology as a .pkt file to preserve your work between different Packet Tracer sessions.
does not save the configuration when Packet
Tracer is shut down. This only occurs if you save
the topology.
28 When you use the same network/subnet on two This is no longer an issue in Packet Tracer. You will see the following similar error
different devices, the Cisco IOS CLI reports an messages if those two devices were connected already, and if you were trying to assign the
error saying that the IP address conflicts with same IP address:
another interface.
%DUAL-5-NBRCHANGE: IP-EIGRP 1: Neighbor 10.1.0.1 (FastEthernet0/0) is down:
interface down %IP-4-DUPADDR: Duplicate address 10.1.0.1 on FastEthernet0/0, sourced
by 0090.0CEC.5C01 %IP-4-DUPADDR: Duplicate address 10.1.0.1 on FastEthernet0/0,
sourced by 0090.0CEC.5C01
29 Which cable do I use to connect an Access Point Access points connect to hubs and switches with a straight-through cable. Meanwhile, a
to other networking devices? crossover cable is needed to connect an access point to routers and end devices.
30 What is the difference between the activity file The activity file created with Activity Wizard contains both the authoring information and
(.pka) that I author and the activity file that I give the activity itself. If you do not want others to view or change the contents of your activity,
to others? you may password protect the activity in Activity Wizard.
Just like a regular Packet Tracer network file (.pkt), the progress of activity files can be
saved at any time. To have a fresh activity for redistribution, be sure to reset the activity in
the instructions box, then save the activity.
31 Is it possible to import or open Packet Tracer The short answer is "No." However, Packet Tracer can import old Packet Tracer network
activity files from a previous version? files (.pkt), with some limitations. You may export the answer and initial networks from an
older version of Packet Tracer, then import then into Packet Tracer using Activity Wizard.
It is best to re-author activities in the latest version of Packet Tracer, though existing work
from previous versions can be imported and adjusted.
32 What is the correct version for EIGRP? I have The version field in the EIGRP packet indicates the EIGRP version of the sender. There is
seen only two versions, v0 and v1. However, in only one version of EIGRP. However, from the packet captures from routers, the version
the PDU Information Window, the version number is always 2. This is a constant. Packet Tracer is modeling as it would be captured
reported is version 2. from a real network.
33 In Simulation Mode, why do some devices/ports There are some types of frames that Packet Tracer does not display to the user, such as
sometimes buffer frames and say the ports are keepalives on the serial links. When these frames are being sent, the device will buffer the
sending other frames when there are no frames other frames that are waiting.
shown in the Event List?
34 When creating multiple connections between the Packet Tracer will display several distinct cables in parallel. However, there is a limit. A
same two devices (e.g. trunking), the cables workaround is to use another device, such as a repeater for Ethernet connections, to
connected earlier may be hidden by the new ones. emphasize the visual distinction of a particular link.
How do I know how many cables are connected?
35 Using the Activity Wizard, how do I lock out the Attach a console cable from the PC to the switch or router. In the Initial Network section of
GUI configuration for routers and switches to the Activity Wizard, lock "Configuration" for the switch or the router. Now, users must
force the users to use only the CLI? console into the switch or router from the terminal of the PC to configure them.
36 What happens to the IP address of a device when When you duplicate a device with an IP address assigned to any of its interfaces, the IP
I duplicate the device? addressing will be cleared on the duplicate device.
37 What is the limit for the number of wireless hosts The limit is 10 wireless hosts with 3 access points in the same coverage area. Beyond that
and access points in the same coverage area? limit, wireless connections become unpredictable. This is similar to real equipment except
Packet Tracer has a lower limit.
38 When I create a template of a device with The template devices store the hardware information only, including the device model and
additional IOS images besides the default IOS what modules are installed on them. The workaround to this issue is to copy and paste the
image, only the default IOS image of the device device. The duplicated device will have the same IOS images as the original device.
appears in the custom device.
39 Is Realtime mode exactly in sync with real world No. Realtime mode in Packet Tracer runs at a different rate than real world time. It may run
time? slower as more devices and protocols are added to the network. The speed of the computer
running Packet Tracer also affects the Realtime mode.
40 Why, when I enable logging and configure The command log is not saved with the save file and is session based. Alternatively, you
devices in the CLI and then save the file, does the may export the log under the Interface tab in Preferences.
save file not save the log?
41 When I send a PDU over devices with multiple This is a result of an animation error. The PDU takes the center path between the two
links between them, with one of the links devices instead of the center path between the two endpoints of the links. A possible
shutdown, why does the PDU traverse the workaround is to use hubs or repeaters to connect some of the links.
shutdown link instead of the active link in
Simulation Mode?
42 Why do I get two different average round trip In Realtime Mode, time is always running regardless of the events occurring in the
times for the exact same pings in Realtime Mode network. In Simulation Mode, time is event driven, under your control. The time in
and Simulation Mode? Realtime Mode may be affect by the speed of the computer Packet Tracer is running on and
the number of devices and protocols running in Packet Tracer. For more information, please
view the "Time Management Between Realtime and Simulation Mode" section in the
Simulation Mode: Special Notes page.
43 When I issue the "clear ip route *" command in The "clear ip route *" command just clears the routing table. For some protocols like
CLI, it doesn't clear the routing tables. EIGRP and OSPF, the routes are added back to the routing table immediately if there are no
changes. For RIP, the routes are added back when receiving the next updates from its
neighbors. However, in Realtime mode, it may happen before "show ip route" is issued
again. You can see its effects easier in Simulation Mode.
44 Why can't enable secret passwords be assessed This is no longer an issue in Packet Tracer.
reliably in activities?
45 I can add a WEP key that is out of the hex range This is no longer an issue in Packet Tracer.
for the Linksys router when I shouldn't be able to.
46 In the Event List filter window, why does HTTP packets are also TCP packets, so they are not filtered out.
unchecking HTTP filter have no effect when TCP
is checked?
47 Why does the Inspect tool have no effect on the This is no longer an issue in Packet Tracer.
Linksys router?
48 When I telnet into another device, the config tab This is no longer an issue in Packet Tracer.
does not work.
49 Why do static routes with admin distances of 255 This is no longer an issue in Packet Tracer.
show up on the routing table?
50 Packet Tracer crashes when I have many We recommend using one instance of Packet Tracer at a time. Although Packet Tracer does
instances of Packet Tracer opened. not impose a limitation on how many instances may be running at the same time, system
resources (RAM, disk swap, or GDI objects) may affect the actual number of simultaneous
instances.
51 How can configurations from Packet Tracer and Packet Tracer generates password encryptions only once, with only one seed. If the same
real devices be used in activities to check enable password is entered more than once, Packet Tracer only generates one encryption string. In
secret and other passwords with service order for passwords generated from outside of Packet Tracer to work in activity checking,
password-encryption on? you must re-enter the passwords again after importing.
52 Why are values in Config tab not changed when I Packet Tracer does not keep opened dialogs in sync when changes are made from a
have already changed them in console? different dialog. To see the updated values, please close the opened dialog and open it
again.
53 Why do HTTP packets still show up when I have If the HTTP filter is unchecked, but the TCP filter is checked, HTTP packets would still
the HTTP filter unchecked? show up, because HTTP packets are TCP packets. This is the same behavior for other
packets that are encapsulated within TCP or UDP. If you want control over the types of
packets you want to see, use ACL Filters.
54 Why does Packet Tracer generate the same On real devices, each time a password is entered, the seed changes, and it would generate a
encryption string when the same password is different encryption string. Even if the same password is entered twice, the encryption
entered more than once? string would be different. In order for activity checking to work, we must always generate
the same encryption string so that the user's password and the Answer Network password
generate the same encryption string.
55 How do I add a graphic image of a topology in Use tags to add images in the activity instructions.
the activity instructions?
56 Why am I able to add and remove content from You have to lock Edit Instructions in the Locking Items tree to make the instructions
the activity instructions window when it should content read-only.
be read-only?
57 When I enter "show interface s0/0/0" in the CLI, This is no longer an issue in Packet Tracer.
the IOS output says "show interface s0/0/0" is an
ambiguous command.
58 How come I cannot use Variable Manager for Variables cannot be used to check for nodes that depend on names, such as device names,
scoring with VLAN interface IDs (SVIs)? port names, dhcp pool names, etc.
59 Is there a way to speed up convergence of the You can speed up convergence of the network by switching to Simulation Mode and then
network when I open a file? Sometimes my switching back to Realtime mode. Do this as many times as required (depends on the
activity is graded incorrectly since the answer network). If you are creating an activity, you can forward the Answer Network
network hasn't converged. Convergence in the Activity Wizard as well.
60 I cannot make a Multiuser connection between Make sure to disable all firewalls on both the Windows and Linux machines (procedure
Windows and Linux machines. will vary depending on the firewall). If the machines are behind NAT (e.g. a SOHO router),
be sure to forward the appropriate ports (i.e. 38000 by default) as well.
61 I can still access the Config tab of a router or You can use Activity Wizard to lock Use Config Tab or you can hide the Config tab in
switch even if there is an enable secret password Preferences if needed.
in the running configuration.
62 Is there a way to distinguish between outgoing You can mouse over a Multiuser remote network cloud to show who the other side is
and incoming Multiuser remote network clouds? connected to. Also, changing the Multiuser remote network cloud's name does not reflect
Also, when I have an incoming Multiuser on the other side.
connection, Packet Tracer creates a Multiuser
remote network cloud if the name is incorrect.
63 When I try to set a variable value to Elemental When you set a value for a variable, you must press Enter on the keyboard to change the
Position in Variable Manager, the value sets itself value.
to zero and cannot be changed to any other
position.
64 When I try to copy text from the CLI tab using There is no way to prevent this in the interface as of now. A workaround is to use the Copy
"Ctrl + C", the output has unorganized text that button in the CLI tab.
can be dragged around.
65 How come I am able to enter negative point Negative point values in Assessment Items has several useful benefits. For example, if you
values for Assessment Items in activities? ask a student to configure a network using RIP and they use static routes to trick the
connectivity tests, you can give them negative points for configuring static routes instead of
RIP. Also, negative point values varies the point system which allows different types of
game related activities.
66 Can a wireless PC associate to an access point No. Wireless requires the devices to be within physical range of each other. Multiuser
that is from a Multiuser remote network? remote networks are in different physical spaces.
67 When I try to create a loop on a switch by A workaround is to use a hub or repeater to create a loop between the two ports on the same
connecting a straight-through or cross-over cable switch.
to different ports on the same switch, I get a
connection error stating that "The cable cannot be
connected to that port?"
68 How come when I have multiple wireless profiles In Packet Tracer, there is no way to choose multiple wireless profiles in the Config tab.
in a wireless PC and then delete the wireless
router that the wireless PC is currently associated
to, the wireless PC does not automatically
associate to the other wireless routers that has a
profile?
69 In Physical Workspace, sometimes the geoicons This is no longer an issue in Packet Tracer.
do not work correctly. For example, I am able to
move the geoicons beyond the "border." Also, the
geoicon labels are sometimes detached from the
geoicon itself after navigating between locations.
70 How come the output for various commands in This is due to differing versions of IOS images. Please see General Issue #3 for a list of
Packet Tracer, such as "show ipv6 nat IOS images that Packet Tracer supports.
translations," is different from a real router?
71 When I click on Save Settings in the Applications The workaround is to click on another item to change the focus before clicking on Save
& Gaming section in the Linksys GUI, the last Settings.
item in focus does not save.
72 How come when I create a complex PDU, the To select an Outgoing Port, the source device interface needs to be configured properly
Outgoing Port drop-down list does not contain with an IP address.
any ports?
73 The Variable Manager Interface in the Activity This is no longer an issue in Packet Tracer.
Wizard Answer Network panel is too narrow.
74 When I have a router with 2 LANs (e.g. This is how it works on a real router.
192.168.1.1 and 192.168.2.1), a PC with an IP
address in the 192.168.1.0 network can be pinged
by a PC in the 192.168.2.0 network even if the
PC in the 192.168.1.0 network has the incorrect
default gateway (e.g. 192.168.2.1).
75 When I copy and paste the entire "show running- Some commands are not supported, but shows in the "show running-config" output.
config" output in Global Config Mode, some
commands return "% Invalid input detected at '^'
marker."
76 When I undo a deleted device/link that was This is no longer an issue in Packet Tracer. However, undo still does not undo deletion of
connected to a Multiuser remote network, Packet Multiuser remote network clouds. So, if deleting Multiuser remote network clouds with
Tracer crashes. other devices, undo will only bring back other devices.
77 When I delete a link to a Multiuser remote This is no longer an issue in Packet Tracer.
network, the link isn't removed from the
Multiuser remote network.
78 Packet Tracer appears to be able to ping a default This is correct behavior. PCs will send packets to a gateway that is not in the same network
gateway that does not exist. as itself. And Cisco routers reply to ARP requests if the requested IP has a route in its
routing table.
79 When I am configuring Frame-Relay, the "show The output in the "show running-config" is encapsulation type, which is IETF and the
running-config" shows that the encapsulation is output in the "show frame-relay lmi" is the LMI type. Since the LMI type is Cisco, it is not
IETF, but the "show frame-relay lmi" command displayed in the "show running-config".
shows that it is Cisco.
80 The Linksys router icon looks too similar to the You can change the icon to any other icon you wish by using the Customize Image in
Cisco 1841 ISR icon. Logical/Physical View feature in the device dialog.
81 When I create a new file, a registered IPC device The deviceAdded event is registered to the workspace object. Packet Tracer creates a new
creation event such as deviceAdded in the workspace for each new/opened file. So, the ExApp needs to re-register the events
previous topology disappears. previously registered to the old workspace in the old file.
82 Does Packet Tracer support SHA1 encryption? Yes. If you issue "crypto ipsec transform-set mycrypto ?", you will see that all of the sub-
commands that contains*-sha-* in them supports SHA1.
83 The source IP address field does not appear in the This feature is used to manually change the source ip address of packets sent and is mainly
Add Complex PDU dialog. used for games and activities to fake source ip. We removed it from routers and switches
because Cisco devices (should) check for that when sending packets out.
84 Where does the server device look for images to The server looks for images with the same name in the same folder as the pkt/pka file, or if
load pages with image tags from? the file is not saved/opened, it looks inside the Packet Tracer /bin folder.
85 When routers exchange routes to the same route, This is correct behavior and real routers do the same thing. For example, if a 10.0.0.0/8
their routes become possibly down after a while. route is from Router1 and it sends it to Router2 and Router2 has the same route. Then
Router2 advertises it to Router1 before Router1 sends the same route to Router2. Also, say
for instance Router1 has 10.10.10.0/24 also. It will accept the 10.0.0.0/8 route and put it
into routing table. But, once Router2 receives the same route from Router1, it will stop
sending the route to Router1. And the route in Router1 will eventually timeout.
86 Where are the RADIUS and TACACS server The configurations are located in the AAA panel in the Config tab.
configurations for the server device?
87 Why am I not able to move or control cables Since the remote networks are not in our physical world, Multiuser remote network clouds
connected to Multiuser remote network clouds in are located at some outside point. Also, cable length does not have an effect on these
Physical Workspace? connections.
88 How do I navigate to a previous cluster level or To navigate to a previous level, click on the Back button on the Logical/Physical
Physical Workspace level? Workspace Bar until you get to the desired level.
89 When I close a device dialog while in Simulation This is normal behavior. Actions that may cause the simulation to reset are deleting
Mode, the simulation resets. devices, deleting connections, closing dialogs, and toggling power on ports.
90 Where is the Viewport feature located in Physical To open the Viewport in Physical Workspace, go to View > Show Viewport on the Menu
Workspace? Bar.
91 When I issue the command "show crypto map", There is a possibility that the IOS version you are using on the real router is different from
the output differs from what I see on a real router. the IOS version currently used in Packet Tracer, which could be the cause of the
discrepancies.
92 When I do "show cdp neighbors" after loading a CDP sends every 60 seconds and so after 60 seconds it shows up. The first CDP packet
save file, not all neighbors are in the output, but probably got dropped or was sent before the link went up so the first one did not get sent. It
the neighbors show up after a while. is also possible that the first CDP packet is sent, but the network may not have converged.
93 If I move a device with a BendPoint or BendPoints and GroupPoints are not kept when moving a device. This is intentional
GroupPoint in Physical Workspace, the behavior to have consistency.
BendPoint or GroupPoint disappears.
94 Packet Tracer generated a configuration file on This is by design and is intentional. The only to have Packet Tracer writable cross-platform
my computer's local user directory. and work the same way, the user folder needs to be utilized as Windows Vista and Linux
has stricter write permissions on installation directories.
95 The Ethernet interface configuration dialogs in This is a Packet Tracer implementation issue and no workaround exists at the moment.
the GUI looks different from other types of
interfaces.
96 When I try to issue CTRL + Shift + 6 + X on the This is intentional as the PC's telnet cannot suspend.
keyboard to terminate a telnet session on a PC
device, nothing happens.
97 The number of packets encapsulated and The number of packets that a router encapsulates and encrypts does not necessarily have to
deencapsulated shown in the "show crypto ipsec be equal to the number of packets that it deencapsulates and decrypts. Depends on the
sa" are not equal. protocols in has configured, packets get lost on their way to destination those numbers are
different too.
98 Sometimes when I view PDU details of STP PVST+ uses two STP packets, one is addressed to the IEEE STP multicast MAC address
packets, the PDU details would say SSTP and the other is to the SSTP (Shared Spanning Tree Protocol) multicast MAC address. The
Multicast Address instead of STP Multicast two are different addresses, both are for STP. The SSTP is for PVST+ Cisco devices and
Address. the regular STP is for connecting Cisco devices to non-PVST+ switches. Both are needed
in Packet Tracer to have native VLANs working properly.
99 The MIB Browser does not have a horizontal This is a known limitation in the current version of the UI framework that Packet Tracer
scrollbar for the MIB tree so it is hard to navigate utilizes. This will be fixed in a subsequent version of Packet Tracer.
and view the tree.
100 Why do wireless end devices sometimes form This can be due to the effect of interference of access points within range. As a result, the
random associations? access points that wireless end devices connect to are not deterministic. That is, it is
somewhat random.
101 When I add a DNS resource record with the name All functionality works the same since DNS is case insensitive.
in upper-case letters, Packet Tracer adds the name
in lower-case instead.
102 Cables in Physical Workspace aren't redrawn This is no longer an issue in Packet Tracer.
correctly while resizing objects.
103 When I close the Preferences dialog, any other This is the intended behavior. The user may be changing fonts or hiding tabs. The dialogs
dialog that I have opened closes also. need to close to take effect on these changes in Preferences.
104 When I click on the link lights on a cable, the This is the intended behavior. The purpose is to allow users to unplug cables and replug
connection detaches from the nearest connected them.
device and I am able to make a connection with
the same cable again.
105 Switches are not able to detect a new route when MAC entries time out after 5 minutes of no activity. Fast forward the time to 5 minutes and
an old route is down. send again. It should be successful.
106 I was trying to create a device after clicking on This is an expected behavior. The mouse cursor icon will not change by clicking on any
the Place Note tool. The mouse cursor stayed as component in the network component box.
the Place Note cursor icon, instead of the Select
tool cursor icon. Why is it like that?
107 Frame-relay map statement is not accepted under Frame-relay maps are dynamically populated by Inverse ARP. Inverse ARP sends mappings
interface mode. When I run the command to add every 30 seconds or so. You can do "show frame-relay map" and if a mapping says
a map it says "%Address already in map". I get "dynamic", then it is from Inverse ARP.
this message even after I delete the entry and try
to add it again. Cisco routers have Inverse Address Resolution Protocol (IARP) turned on by default. This
means that the router will go out and create the mapping for you. If the remote router does
not support IARP, or you want to control broadcast traffic over the PVC, you must
statically set the DLCI/IP mappings and turn off IARP. IARP will be supported later.
108 In the Activity Wizard, when I click on the close The close button cannot close the Instructions window because this is a limitation reported
button on the Instructions window, the window by Qt.
gets minimized.
109 In a router or switch's CLI, sometimes when I This is an expected behavior and is a security feature. The "circles" or "asterisks" will NOT
type a password, "circles" or "asterisks" fail to be echoed for password field. The reason for this is that it limits a perpetrator from
appear while entering characters for the knowing the length of the password.
password.
110 Why are end devices with the Linksys End devices with the Linksys WPC300N module supports B, G, and N wireless networks.
WMP300N module able to connect to a Linksys If the access point or router is configured for BG or B only or G only, then the Linksys
router that operates in BG-Mixed mode? WPC300N will reduce its speed to B or G. However if you have a B or G module on the
end device, and the access point or router is set to N only, then it would not connect.
111 Which types of wireless networks do the Tablet The Tablet PC and PDA only support B and G wireless networks.
PC and PDA support?
112 I changed the time and date on an NTP server on After changing the year or month, you have to click on a date to set the date.
a server end device. After closing the server
device dialog, and reopening it, the time and date
reverted back to the previous settings.
113 When I try to ping a host that is connected to a This is the correct behavior on real Linksys router, but Packet Tracer modeled it incorrectly
Linksys router's LAN port, the ping fails. in previous versions. A Linksys router will drop all pings into it from the Internet port.
114 Pressing Ctrl+A on the keyboard does not select This is a Qt framework related issue.
all text in certain areas of the GUI.
115 Even though there is no power cord attached to By default, 3560 multilayer switches have power over Ethernet. If an IP Phone is connected
an IP Phone, it still appears to be on. to a 3560 multilayer switch, then it would be powered on.
116 When I hover over an end device that is supposed This is the correct behavior. In the real Cisco IP Communicator application, the line
to be configured with a line number, the line number is only set when the Cisco IP Communicator application is opened.
number only shows when I open the Cisco IP
Communicator.
117 When I enter the command "mac-address H:H:H" The correct MAC address format is H.H.H, not H:H:H. Thus, the correct command input
in ephone configuration mode, I receive an would be "mac-address H.H.H".
invalid input error message in the CLI.
118 When I press the "Do" "Re" or "Mi" notes in the Be sure that Sound is enabled in Preferences.
GUI of the phones, I don't hear anything.
119 I connected a cloud's Ethernet6 port to a router. You need to add a DSL connection between the modem port and Ethernet port on the cloud.
When the cloud receives a DHCP packet, it does
not send out to the Ethernet6 port. Why?
120 Why does Packet Tracer always do PAT when The "ip nat inside source" command automatically puts "overload" if an interface is
there is no overload command? specified. This is correct behavior.
121 When I use the Copy from Answer Network The answer network and initial network trees are different. As a result, they cannot be
function in the Initial Network panel of Activity copied from one to another.
Wizard, the variables from the Answer Network
do not get copied over.
122 When I try to copy and paste a Multiuser cloud, Copy and paste of remote networks is not supported.
nothing happens.
123 When I try to create a multiuser connection while Creating Multiuser connections while in Activity Wizard is not supported.
in Activity Wizard, an error message appears
stating that "Cannot make multiuser connection
to this instance of Packet Tracer."
124 After I invoked the command "ssid test" from Only when you invoke "not dott11 ssid test" in the Global Configuration Mode, then it will
interface Dot11Radio0/3/0 on a router, there still remove the SSID configuration and bring the interface that has the same SSID down. If you
seems to be some kind of wireless signal detected only remove "no ssid test" in Interface Configuration Mode, it would reset the SSID at the
on a wireless PC. Is this correct behavior? interface to empty string "". So the wireless client detects a network with "" as the SSID.
125 When I switch from Realtime Mode to When switching from Realtime to Simulation mode or when Reset Simulation, time
Simulation Mode, the time seems to shift forwards about 10 seconds or if there are many events, it will forward less time.
forward.
126 When I press CTRL+C or CTRL+Shift+6 to This is expected behavior. The telnet client intercepts the Ctrl+C or CTRL+Shift+6 and
terminate a traceroute, it doesn't work. does not send it over to the telnet server.
127 When I try to telnet to a switch from itself, the A newly created switch in Packet Tracer or a real switch without any interfaces connected
connection attempt times out. will exhibit this behavior. The reason being that VLAN1 is the default management VLAN
interface for a switch. Since a switch is a Layer 2 device, it does not have an IP interface.
Thus, the necessity for a Layer 3 interface in the form of VLAN1 interface was introduced.
VLAN1 interface's protocol will go up if at least one FastEthernet interface is also up.
Then, will only telnet and other services of VLAN1 will become active.
128 Packet Tracer's CPU and memory usage increases Packet Tracer allows STP to have loops and Packet Tracer simulates the behavior of
when I have a network with many switches "infinitely" forwarding frames inside a loop. The same frame does stop forwarding after a
connected in loops. while, but if there are branches in the loops, the frames will exponentially duplicate and
will increase CPU and memory usage. Because of this, misconfigurations in networks can
cause Packet Tracer to slow down.
129 When I leave the WEP key field blank on a This is a graphical glitch when wireless input fields are involved and it cannot be fixed.
wireless device and click on a button in the
Config tab, the button remains depressed after I
get the WEP key cannot be empty error popup.
130 Why do the routing tables display the CIDR The routers learn the /32 routes from serial PPP links.
subnet mask such as /30 on routers connected by
serial connections?
131 Why is the CPU usage from Packet Tracer so If there are many workspace notes, including device labels, and port labels, the CPU usage
high sometimes? can be high due to the nature of the Qt library.
132 Why do 1841 Routers not support voice It was a bug that we added voice commands in 5.3.0 on 1841s. We removed them in 5.3.1.
commands anymore?
133 Why in Simulation Mode, CDP packets are In Simulation Mode, if frames are collided, PT will show the frames even though the frame
shown even though they are not selected in the protocol is not selected in the event list filters.
Event List Filters?
134 Why are the routing tables different when I This is a bug. It will be fixed in the next version of Packet Tracer.
reopen a file that involves route redistribution?
135 Why does the PC Web Browser not detect IPv6 This is correct behavior. The correct way to enter an IPv6 address in the browser is to
addresses like aaaa:2::2 as a valid address? enclose the address in square brackets. The right format is http://[aaaa:2::2] or http://
[aaaa:2::2]:80.
136 When I tried to move a device inside a cluster in This is a bug. It will be fixed in the next version.
maximum zoom out mode, the move object
popup is not aligned with the device.
137 When I changed the MAC address of the Fast To see the new link local address, click on the FastEthernet button after making the change
Ethernet port on a PC, the IPv6 link local address in MAC address.
doesn't change accordingly.
138 Why does PT print out "UUUUU" instead of This is a bug. We will fix it in the next version.
"NNNNN" if a ping's source IP is beyond scope
(source IP is a link local address and the
destination IP is beyond its LAN)?
139 When I copy a device inside a cluster, I cannot This is a bug. The workaround is manually move the copy from inside the cluster to outside
paste the device into a different cluster? outside the cluster.
140 When I issue the command "show interface" on a This is the correct behavior. The DCE interface auto includes the clock rate command,
router, the output shows that the line protocol is defaulting to 2000000. Also, if you attempt to issue the clock rate command on the DTE
up even though it is the DTE interface and the interface, the output will show "This command applies only to DCE interfaces".
DCE interface has not been issued the clock rate
command.
141 There is CLI for the frame relay cloud. The only This is the intended behavior.
option is to configure using the GUI.
142 When I author a PKA with variables in For runtime states, like DHCP assigned addresses and configurations, use variables to
assessment items and then try to test my activity, grade the assessment items. For the default gateway or IP address, use regular expression or
certain assessment items such as the default static values.
gateway or DNS server IP addresses are marked
incorrect, even if the values are equal to the
answer network.
143 After creating a complex network, clicking "reset No, "reset simulation" does not clear tables. "Reset Simulation" clears out any packet on
simulation" does not clear ARP tables or DNS the event list. Resetting visible tables does not reset router tables. "Power Cycle Devices"
caches. Is this a bug? would reset all tables.
144 In the activity wizard circling tool, how come This is usually a configuration error on the shape. A common issue happens when a user
some shapes do not grade correctly? creates two shape tests intended to be different, but one shape test is wholly a subset of
another shape test. e.g., shape test 0 only includes router1, and shape test 1 includes
router1, router2, and router3. In this situation, the evaluation can fail to accurately grade
the intended circle. When a user circles router1 with shape A, and router1 2 and 3 with
shape B, the system may end up choosing shape B for shape test 0 (with only router1), and
once a shape has been used, it is not used again for another shape. That leaves shape B for
the answer to shape test 1 (router 1 2 and 3). So in this scenario, shape test 1 will only
receive 1 of 3 correct, and shape test 0 receives 1 of 1 correct. To mitigate such a scenario,
be sure that two different shape tests can be differentiated from one another either with
inclusion or exclusion points that are in one shape test but not the other. In short, make sure
one shape test is not wholly a subset of another shape test.
145 Can I add two wireless modules to an end device? No, Packet Tracer currently does not support two wireless interfaces per end devices at the
moment.
146 When I pasted in my commands to a router, the Do not copy commands from a word document or PDF directly into the router. Instead,
case is not preserved. For example, I pasted in copy the commands into a notepad file first. This will remove all hidden formatting. Then
"hostname R1" and PT changed it to "hostname copy the commands in the notepad file and paste into the router.
r1".
147 If I setup a network with two LANs, can one PC When you have a router with two LANs, a PC with an IP address in the first network can
from one network ping another PC from the other be pinged by a PC in the second network, despite the PC in the first network having an
network? incorrect default gateway.).
148 I cannot find "show device dialogue taskbar" in The option "show device dialogue taskbar" has been moved to the miscellaneous tab.
preferences anymore. Has it been removed?
149 Why can't I find any routing configuration on the There was a bug in PacketTracer releases before 6.0 which allows the configuration of
3560-24PS switch when I open my file in routing protocols (Rip, eigrp, ospf...) on the switch even though "ip routing" is not
PacketTracer6.0? configured. With this fix, files created before 6.0 that contain switches will lose the entire
routing protocol configuration on the switches if "ip routing" wasn't there.
150 When I setup a server with two NICs, and I setup For Packet Tracer purposes, servers with two NICs are designed for dual-homed
a PPPoE dialer, the connection fails. Why is that? configurations. PPPoE would be out of scope.
151 When I mouse over Octal cables, it doesn't show Octal cables are for terminal server behavior, so it is not necessary to have interface async
much information. Why is that? for octal cables. Instead, mouse over octal cables shows the line number instead.
152 Why does PT crash when I test activity or load an This can be worked around by making sure there is at least one object location set. If you
activity with 0 sets of object locations. created an object location set and deleted it afterwards, you should add at least one set in
the list. If no object location sets were ever created, you do not need to add a set.
153 Why are IPv6 Neighbor Discovery Protocol Neighbor Discovery Protocol (NDP) defines five ICMPv6 packet types, however in Packet
(NDP) packets are labeled as NDP instead of Tracer, we differentiate the ICMPv6 messages for NDP in Simulation Mode for event
ICMPv6? filtering convenience. When you view the PDU details of a packet that is labeled as NDP in
Simulation Mode, the PDU details will still identify the packets as an ICMPv6 neighbor
message.
154 For IPv6 addressing, why don't we get a partial The current development, if IPv6 address is wrong, but the prefix-length is right, you get
credit if we enter the prefix length correctly but no credit. If IPv6 address is right, but the prefix-length is wrong, you get a partial credit.
with a wrong IPv6 address?
155 What should I expect to see on Netflow Collector Netflow Collector displays the top 10 flows with the most count on the pie chart.
GUI when it receives a flow that matches one of Additional information about each flow is displayed on the window next to it. When
the flows that it has in the cache? Netflow Collect receives a flow that matches 1 of the flows in the cache, it'll increment the
count of that flow without updating the existing flow with the new flow. Therefore, users
will see the pie chart get updated but the flow information will remain the same.
156 Why does the alert saying "Cannot write to file" The alert message comes up when there are permission problems. Try saving to a different
sometimes appears when I save my scripts? file/location.
157 Why does the device show a default hostname in Cisco devices does not allow hostnames with spaces. If an old Packet Tracer file contains
Packet Tracer 6.1 and not in previous versions? spaces in the hostnames, Packet Tracer 6.1 will display the default hostname.
158 Why does "standby version 2" always show up in Version 2 supports IPv6. Since we want Packet Tracer to support IPv6, version 2 is
the running configuration when HSRP is automatically added to the configuration.
configured eventhough the command was not
entered?
159 Why does Packet Tracer fail to elect the correct In topologies containing hubs, the hubs are causing collisions preventing RSTP frames
root for (R)STP causing loops in the topology reaching devices which prevents the ability to detect the loop.
when a hub is in between two switches?
13 The show ip ospf neighbor command shows a The OSPF priority depends on the IOS version. On version 12.2, it shows 1. On version
priority of 1. Actual 1841 shows priority of 0. 12.3 and later, it shows 0 even if the priority is manually changed to 100. This may be a
bug in the IOS and would not be modeled in this version of Packet Tracer.
14 Static routes with 255 admin distance should not This is no longer an issue in Packet Tracer.
be added to routing table.
15 Why do wireless ports always buffer the frames This is because the wireless port is doing CSMA/CA and sends a Request To Send (RTS)
before sending? before sending any data frame. It then has to receive a Clear To Send (CTS) from the
destination device before sending the data frame. Packet Tracer is not showing the wireless
management frames, so it would show the data frames being buffered without seeing any
other frames.
16 Why are LMI statistics not updated when the link This is no longer an issue in Packet Tracer.
state changes?
17 Why can I only ping one VLAN interface on the This is no longer an issue in Packet Tracer.
switch when there are more than one with the
status and line protocol up?
18 Why does OSPF not work over physical serial OSPF over NBMA networks is not currently supported in this version. This includes
interface using frame relay? physical serial interfaces and multipoint sub-interfaces. However, it works on point-to-
point sub-interfaces.
19 In Simulation Mode, routing tables are updated This is a modeling limitation of Packet Tracer.
before the packet arrives in the simulation.
20 On a router with multiple switching modules, This is a modeling limitation of Packet Tracer.
there should be individual MAC tables for each
switching module. However, "show mac-address
table" shows only one MAC table.
21 Why is the command "ip ospf network" not This command is only available on Serial interfaces to allow OSPF to work over Frame
available in the loopback interface mode? Relay.
22 The round trip times for pings in Multiuser This is a modeling limitation of Packet Tracer. The delay can also be caused by the
networks are very long. propagation of real TCP packets.
23 When I issue the command "debug ppp This is no longer an issue in Packet Tracer.
negotiate" before enabling PPP encapsulation,
debug messages do not show.
24 On a real switch, when I create a VLAN and then This is a modeling limitation of Packet Tracer.
assign a name to the VLAN, VTP revision
number increases by 1. In Packet Tracer, the VTP
revision number increases by 2.
25 The EtherChannel group does not come back up This is a bug in Packet Tracer and was discovered late in the testing process. It will be fixed
after an error disable. in a future version of Packet Tracer.
26 Configuring shape in a nested policy map gives This is no longer an issue in Packet Tracer.
an error message.
27 When I enter "switchport mode trunk" on a Packet Tracer only supports dot1q trunking encapsulation. "auto" automatically detects ISL
switch without changing the encapsulation to and dot1q.
dot1q first, the command is not rejected like on a
real switch with a message saying "An interface
whose trunk encapsulation is 'Auto' can not be
configured to 'trunk' mode."
28 "show ipv6 eigrp interfaces" seems to have This is a modeling limitation of Packet Tracer. The values in the "show ipv6 eigrp
incorrect or static output. interfaces" output are hard coded.
29 Class-maps with inspect type appear to have a This is a modeling limitation of Packet Tracer.
different subset of match sub-commands
compared to real routers.
30 When I configure manual EIGRP summarization, This is a modeling limitation of Packet Tracer. It is recommended to just ignore the output.
sometimes the classful mask is shown in the
routing table for a route.
31 No warning is shown when exiting the interface This is a modeling limitation of Packet Tracer.
range mode without typing exit.
32 Is the command "tunnel source [ip address]" No. This is a modeling limitation of Packet Tracer.
supported?
33 Does the command "ip mtu [value]" have a No. This is a modeling limitation of Packet Tracer.
dynamic range?
34 When I do "show vtp counter", the values for VTP pruning is not supported in Packet Tracer.
VTP pruning statistics seems to be incorrect?
35 Why can I not modify the serverPool DHCP pool In older versions of Packet Tracer, the server pool is automatically created. The server
on the server device? device only required enabling DHCP. It is still there for backwards compatibility. This is
not a bug, but rather the implementation of the server which contains the server pool.
36 When I copy a "show running-config" output This is expected behavior as not all commands are supported in Packet Tracer in the "show
from Packet Tracer and paste the output into CLI, running-config" output.
not all commands are accepted.
37 When I issue the command, "more flash:c2960- This is a modeling limitation of Packet Tracer. Packet Tracer does not store the IOS images
lanbase-mz.122-25.FX.bin", the output is as actual files. In the current implementation of Packet Tracer, the command outputs
different each time. random data.
38 When I delete the IOS image from a router or This is no longer an issue in Packet Tracer.
switch and then save and reopen the file, the
device boots up when it should not.
39 If I issue "debug ip packets" then "logging trap If these two commands are applied to a router, Packet Tracer would send packets
debug" on a router, it seems that one or the other continuously and will crash eventually. Real routers behave similarly and will lock the user
is not issued at all. from entering anything as the console will be overloaded with debug messages. As a result,
in Packet Tracer, only one or the other can be applied to the router to prevent such issues
from arising.
40 The output in "show policy-map type inspect On a real router, the IOS image used in Packet Tracer does not display the protocol.
zone-pair sessions" seems to differ compared to However, the protocol was added for CCNA requirements.
real routers in regards to the type of protocol
detected in the established sessions.
41 The "show clock" output is always Mon Mar 1 In the past, Cisco shipped devices with Mon Mar 1 1993 by default. However, in recent
1993 by default. times, newer devices are shipping with the current time. Packet Tracer's implementation
uses the old method of displaying the "show clock" command by default.
42 When I enter the command "no ip ips signature- This is no longer an issue in Packet Tracer.
category", it brings the router prompt to the IPS
category configuration mode.
43 Access-lists do not have ESP, AH, or ISAKMP This is a modeling limitation of Packet Tracer.
port options available. As a result, site-to-site
VPNs can be created, but are not functional if
CBAC or ACLs applied.
44 Static routes should be able to specify an This is a modeling limitation of Packet Tracer.
outbound interface and next hop address.
45 A carriage return is missing after removing a This is a modeling limitation of Packet Tracer.
subinterface from a router.
46 There is no error message when two connected This is a modeling limitation of Packet Tracer.
switches have different EtherChannel modes.
47 When I try to issue an SNMP request using a port The routers and switches also need to change to that port. However, Packet Tracer does not
other than 161, SNMP request times out. have the command to change the SNMP port on routers and switches. This is a modeling
limitation of Packet Tracer.
48 AAA authorization commands are supported, but AAA authorization commands are available on routers as commands only but without any
the functionality does not work. functionality. This is a modeling limitation of Packet Tracer.
49 When I enter "config t" in global configuration Packet Tracer is trying to issue the "config-register" command in global configuration
mode, Packet Tracer returns "%Invalid hex mode. However, Packet Tracer's command parser implementation of the hex part is using
value." WORD. This is a modeling limitation of Packet Tracer.
50 When I try to enter interface configuration mode This is a modeling limitation of Packet Tracer.
for a non-existent interface, Packet Tracer returns
a different error from a real router.
51 The number of matched packets under the This is no longer an issue in Packet Tracer.
protocol match statement is greater than the
number of matched packets for the class-map in
the "show policy-map" command.
52 The QoS bandwidth setting does not appear to The drop rates are not accurate numbers.
have an effect on drop rates.
53 The labs in the curriculum expects more options This is a modeling limitation of Packet Tracer. We may support more options for the debug
for the "debug ip rip" command, but Packet ip rip commands in a future version of Packet Tracer.
Tracer only supports the events option.
54 When I have a PC on a VPN connection, it seems This is no longer an issue in Packet Tracer.
that DNS packets are sending to the VPN server
first and the DNS packets are not encapsulated in
Simulation Mode.
55 An RS232 port is displayed in the physical device The RS232 port displayed in the physical device view is for aesthetic purposes only.
view of the IP Phone, but the RS232 port is not
one of the available ports in the Logical
Workspace.
56 Why doesn't Packet Tracer show all of the Packet Tracer is not simulating SMTP and POP to standards. It just sends a generic request
packets involved in a typical SMTP/POP one way and a reply back.
transaction?
57 On a 3560 multilayer switch's interface, when its This is new corrected behavior. 3560 multilayer switches require "switchport trunk
trunk encapsulation is set to "auto", it cannot be encapsulation dot1q" first before setting the interfaces to trunk mode. This new behavior
configured to "trunk" mode. The command may affect existing files.
"switchport mode trunk" is rejected. Why?
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport mode trunk
58 When I create a Telnet packet while another TCP This is the new correct TCP behavior. If the source port is already used for another
connection exists, the Telnet packet that I created connection, it will not start the TCP connection and the packet will drop.
gets dropped.
59 When I view a TCP packet's PDU details in This is the new correct behavior. The HTTP client is making a connection and sets the new
Simulation Mode after initiating an HTTP TCP connection to SYN_SENT.
request, the HTTP client sets the connection state
to SYN_SENT.
60 How come phones don't register with auto-reg- This is a modeling limitation in Packet Tracer. Phones will register only if there is a line
ephone enabled and auto assign configured in number available. The line number is configured using the ephone-dn command. This is
CME? unlike in real devices where phones will register without having a line number for it.
61 When I open a PC's device dialog with DHCP The PC automatically sends a DHCP discover packet when opening the PC device dialog if
enabled, it keeps sending a DHCP packet. it does not have an IP address yet.
62 Why does VoIP still work even though switchport On real devices, the phones go down after invoking the "no switchport voice vlan"
voice vlan 1 is not configured? commands, but will come up after 20 seconds, and gets registered again and will be able to
make calls again. The down and then up behavior in Packet Tracer is a modeling limitation.
But, after 20 seconds or so, the phones can make calls again.
63 When a call is made to a Cisco IP Communicator When you close the Cisco IP Communicator, it actually minimizes and does not close
that is closed, is the Cisco IP Communicator completely. On real a Cisco IP Communicator, if it is ringing while minimized, opening
supposed to open in ringing mode or connected Cisco IP Communicator will answer automatically. This is correct behavior.
mode?
64 How come PPPoE clients do not get connected in This is a modeling limitation. The workaround is to either configure all of the servers with
multi-server environments? the correct configuration so that the clients get connected to the first one it hears from or
remove all but one server that has proper configuration.
65 How come the routers in Packet Tracer do not Packet Tracer does not support printing debug messages of all PPP negotiation packets.
show ppp negotiation debug messages after I turn
on debug? The "debug ppp *" command is only supported on serial interfaces.
66 I have "debug ppp authentication" enabled on a This is a modeling limitation. The "debug ppp authentication" command is only supported
PPPoE server. When a PPPoE client is getting on serial interfaces.
connected to the PPPoE server, it does not show
any debug messages on the server.
67 Why are log messages for IP phone registrations This is a modeling limitation. Packet Tracer does not simulate all the SCCP messages for
different than real devices? registrations like in real devices.
68 I created an access-list that denies FTP data This is a modeling limitation. The FTP operation currently supported in Packet Tracer is
transfers on port 20, but data transfers are still passive mode. In passive mode of operation, the FTP server opens a random data port and
successful. sends it to the client in order for it to connect to it and start the data transfer. The data ports
the FTP server listens are greater than port 1023 and not port 20. Port 20 will be relevant
when active mode of FTP operation is supported in Packet Tracer.
69 When I delete a wireless client from the This is correct behavior because the Linksys router did not receive a DHCP release from
workspace, the Linksys router's DHCP client the client to release the lease.
table doesn't refresh when I click on the refresh
button.
70 The MAC address column in the Linksys router's This is a modeling limitation.
DHCP Client Table is labeled as
00:00:00:00:00:00.
71 The Expires Times field in the DHCP Client This is a modeling limitation. This version of Packet Tracer does not support client expire
Table is always empty. time.
72 What's the purpose of the TFTP Server field in The TFTP server field in the DHCP server is there for assigning IP addresses with the
the DHCP service on the server device? TFTP option, so that the DHCP server and the CME router can be two different devices.
73 Why do PCs sometimes get default gateway from DHCP is on by default on server devices (for backwards compatibility). That means if there
DHCP, but sometimes not? is another device (router or another server) in the same LAN serving DHCP, sometimes the
router replies faster and sometimes the server replies faster. Since the server device does
not have the default gateway configured in the DHCP pool by default, so sometimes PCs
do not get gateway.
74 When I use the "no redistribute connected metric This is a modeling limitation. In Packet Tracer, "no redistribute" with any arguments will
1000000" command, it removes the entire remove the whole command. If you want the command "redistribute" command back, you
"redistribute" command. need to enter the command again.
75 Shaping stats are not shown all for nested policy Nested policy maps show shaping stats (packet/byte counts) and shaping flag (yes/no) for
maps. outer policy map, but not for inner policy map.
76 When I configure a destination-pattern of "10.." This is a modeling limitation. In Packet Tracer, the only destination-pattern ".." is
with two dots for one dial-peer and a destination- supported.
pattern "10." with only a single dot for a second
dial-peer, only numbers such as "1022" can be
dialed.
77 Why does Packet Tracer slow down for long BGP is a complex protocol, and when there are many BGP routes, the CPU can be
periods when running BGP? overloaded due to network traffic calculations. Reduce the amount of BGP routes or routers
to lower the CPU usage. In a Multiuser environment with many BGP routes, use a single
Packet Tracer instance with a single BGP router per instance.
78 Why does the command show ip bgp give a The BGP table is populated based upon received data and in the order received. Each time
different output than what I see on a real router? BGP is started, the time to establish an adjacency differs slightly and therefore adjacencies
can happen in a different order. As a result, the table is populated in a different order and
the information contained will be different because the known topology of the network at
the time of information exchange is different.
79 RIPv2 poison and poison-reverse do not work. This is a modeling limitation. This version of Packet Tracer does not support RIPv2 poison
and poison-reverse.
80 Why do some wireless devices not get connected If the network or the same physical location has more than 25 wireless devices, it is hitting
to the access point? our simulation modeling limitation and PT is not able to connect any more wireless devices
simultaneously. The workaround is to either move some devices to other locations or
manually make the association in the device dialog.
81 Duplicate IPv6 addresses are not detected. This is a modeling limitation. Packet Tracer does not currently support Duplicate Address
Detection (DAD) for IPv6.
82 Why does an IPv6 device not be able to ping Packet Tracer does not currently implement staling of neighbor devices. Use "clear ipv6
another anycast address when the old anycast neighbors" to remove the old neighbor and ping again.
address device is disconnected?
83 The network mask of the route does not get This is a modeling limitation. The workaround is to save the file and reopen it.
updated after applying "ipv6 ospf network
broadcast" or "ipv6 ospf network point-to-point"
in the interface.
84 The command "show ipv6 ospf neighbor detail" This is a modeling limitation.
shows some missing output such as the Option
detail and link local address.
85 It appears that loading IOS IPS signature package This is a modeling limitation.
is not required when configuring IPS.
86 When I enter the command "show ipv6 dhcp This is a modeling limitation.
pool" on a DHCP server, the value for active
clients value is 0.
87 There was no application layer information in the This is a modeling limitation.
PDU details when simulating SSH traffic. Layers
1, 2, 3 and 4 are reflected in the PDU details, but
the application layer traffic isn't reflected.
88 When I enter the command "show ipv6 dhcp This is a modeling limitation.
interface", the value for when the renewal will be
sent is always 0d0h.
89 There is no support for the command "ip default- This is a modeling limitation. The workaround is to change the multilayer switch to a layer
router" on the Cisco Catalyst 3560-24PS 3 switch by entering "ip routing" and configuring a static default route.
multilayer switch.
90 When I shutdown an interface on a router This is a bug that will be fixed in a future version of Packet Tracer.
configured on a RIP network, the routing table
shows that the network is possibly down and the
RIP timers are started. However, on real routers,
the network is immediately withdrawn from the
routing table and the RIP timers are not started.
91 Can't I enter the command "no router ospf " No, due to model limitation, that command is not available.
within the command mode for "router ospf "?
92 When entering acl statements without specifying This is a modeling limitation.
the sequence number, why does the "show
access-list" command show the acl statements in
a different order from the order shown on Cisco
router?
93 Why can't key chains be entered consecutively This is a modeling limitation.
without exiting to normal config mode first?
94 Why doesn't the show running-config output This is a modeling limitation. HWIC-8A was added for console servers which do not
show async interfaces when HWIC-8A modules require async interface support.
are used?
95 In Simulation mode, why are there scenarios This is a modeling limitation. The code can't be set to clear out the event list after a port has
where a packet is still able to cross a link that is been shutdown because it might cause the network to miss routing packets that were
connected to a port that has been recently already sent out. So, depending on when the port was shutdown, packets may still be able
shutdown? to cross the link because there are instances that the event for that certain PDU has already
been added to the eventlist before the port was shutdown.
System Requirements
Minimum
OS: Microsoft Windows XP, Microsoft Windows 7, Microsoft Windows 8, Microsoft Windows 8.1 or Ubuntu 12.04 LTS
Language fonts supporting Unicode encoding (if viewing in languages other than English)
Recommended
RAM: 1 GB or more
Packet Tracer does not limit the amount of memory that is used to create and configure
devices. So if a user, or more importantly an author, creates complex PKA and PKT files
using large networks with complex protocols running may require up to 1 gigabyte or
more of memory to run effectively. If you are creating activities for PT, please be careful
of creating issues like STP loops as they might greatly increase memory requirements.
By creating files like this, you may cause Packet Tracer to operate unreliably or even
crash.