Wednesday 17 December 2014

How to configure frame relay in Cisco Packet Tracer


      
                                      By:- Budhprakasah polast


This article will explain frame relay configuration in Cisco Packet Tracer. Frame relay is a WAN technology. Read the Wikipedia article to learn more about Frame Relay. You can also try this on live routers and other network asimulators, but the frame relay switch configuration varies. The setup here will use the hub and spoke configuration, Router0 is the hub, Router1 and Router2 are the spokes. Point-to-Point subinterfaces are created and PVCs (Permanent Virtual Circuits) are established between Router0 and Router1 and Router0 and Router2. So the Spoke routers communicate via Router0.
The topology of this lab is shown below









The DCE end of the serial cable should be connected to the frame relay switch.
Frame Relay Switch Configuration
Configure the serial interfaces of the Frame Relay switch as follows
Serial0
DLCI
NAME
102
R0-R1
103
R0-R2
Serial1
DLCI
NAME
201
R1-R0
Serial2
DLCI
NAME
301
R2-R0
Select the frame relay tab and create the following links
FROM PORT
SUBLINK
TO PORT
SUBLINK
Serial0
R0-R1
Serial1
R1-R0
Serial0
R0-R2
Serial2
R2-R0
Configure the routers
The configuration of each router is shown below
Router0 (Hub)
R0>enable
R0#configure terminal
R0(config)#interface Serial 2/0
R0(config-if)#no shutdown
R0(config-if)#encapsulation frame-relay
R0(config-if)#exit
R0(config)#interface Serial 2/0.102 point-to-point
R0(config-subif)#ip address 1.1.1.1 255.255.255.252
R0(config-subif)#frame-relay interface-dlci 102
R0(config-subif)#exit
R0(config)#interface Serial 2/0.103 point-to-point
R0(config-subif)#ip address 1.1.1.5 255.255.255.252
R0(config-subif)#frame-relay interface-dlci 103
Router1 (Spoke)
R1>enable
R1#configure terminal
R1(config)#interface Serial 2/0
R1(config-if)#no shutdown
R1(config-if)#encapsulation frame-relay
R1(config-if)#exit
R1(config)#interface Serial 2/0.201 point-to-point
R1(config-subif)#ip address 1.1.1.2 255.255.255.252
R1(config-subif)#frame-relay interface
R1(config-subif)#frame-relay interface-dlci 201
Router2 (Spoke)
R2>enable
R2#configure terminal
R2(config)#interface Serial 2/0
R2(config-if)#no shutdown
R2(config-if)#encapsulation frame-relay
R2(config-if)#exit
R2(config)#interface Serial 2/0.301 point-to-point
R2(config-subif)#ip address 1.1.1.6 255.255.255.252
R2(config-subif)#frame-relay interface-dlci 301
Configure routing on the spoke routers
Unless routing is configured the spoke routers cannot communicate among themselves. You can use any routing protocols. For this tutorial I will use static routing
Router1
R1(config)#ip route 1.1.1.4 255.255.255.252 1.1.1.1
Router2
R2(config)#ip route 1.1.1.0 255.255.255.252 1.1.1.5
Ping the routers to test connectivity among themselves.


















Step-By-Step: Creating a Work Folders Test Lab Deployment in Windows Server 2012 R2


As mentioned in our BYOD Basics series post, Enabling Modern Work Styles Using Windows Server 2012 R2, several new capabilities have been introduced into Windows Server 2012 R2 intended to enable organizations to further embrace BYOD.  Microsoft's push for People-centric IT (PCIT), a new initiative introduced by Microsoft referring to the added BYOD capabilities, helps people in organizations achieve secure access to their apps and data on any of their devices in any location.  Work Folders is one of the new features introduced in Windows Server 2012 R2 enabling PCIT functionality.  Work folders enables users access to their work related files on the devices configured, regardless if the device is joined to a domain or not and/or the device is connected directly to the company's private LAN or over the internet.
With the recent release of Windows Server 2012 R2, we at #CANITPRO thought it would be prudent to updateJane Yan's lab regarding Work Folders. Thus the post of this Step-By-Step on how to create a work folders test lab deployment in Windows Server 2012 R2 was created.   
Step 1: Getting Started
2.     Download Windows 8.1
 
3.     Setup you test lab by creating the following computers or VMs
o    Active Directory Domain Services domain controller (DC)
o    File server running Windows Server 2012 R2
o    2 client PCs running Windows 8.1 or Windows RT 8.1 (to observe documents sync between 2 devices)

VM setup
Step 2: Configure Network
1.     In the Hyper-V Manager console, create a Virtual Switch marked as Private.
2.     Configure the VMs to use the Private network.

Step 3: DC setup
1.     Create a VM using Windows Server 2012 R2
2.     Rename the VM to DC.
3.     Configure the IP of the server as 10.10.1.10
4.     After the VM setup, open Server Manager, and then add the following roles:
o    Active Directory Domain Services
o    DHCP Server (Note: this role is optional. You can also configure static IP for each VM without enabling DHCP)
o    DNS Server
5.     Complete the wizard, then click on promote DC link “Promote this server to a domain controller”

 

 
6.     Use the wizard to create a new forest as “Contoso.com”, and configure the DC appropriately.
7.     Add a new scope in DHCP, such that other machines on the network can get IP address automatically. Note: this is optional, you can also manually configure other machines with static IP.

Step 4: Server setup
1.     Create a VM using Windows Server 2012 RS.
2.     Rename the VM to SyncSvr.
3.     Join the SyncSvr machine to the domain Contoso.com

Step 5: Client setup
1.     Create 2 VMs using Windows 8.1
2.     Rename VM1 to OfficePC
3.     Rename VM2 to HomePC
4.     Join OfficePC to the contoso.com domain.

Step 6: User and Security group creation
Work Folders can be configured to domain users, you need to create a few test users in the AD. For testing purposes, let’s create 10 domain users (U1 to U10).
It is recommend that controlling access to Work Folders through security groups. Create one group named “Sales”, with scope “Global” and type “Security”, and add the 10 domain users (U1 to U10) in the Sales security group.

Step 7: Sync Server configuration
For all the operations performed on the server, the UI will be shown through Server Manager, and followed by the equivalent Windows PowerShell cmdlet.
Enabling the Work Folders role
Step 8: Using Server Manager UI
1.     Launch the Server Manager on SyncSvr.
2.     On the dashboard, click “Add roles and features”.
3.     Follow the wizard, on the Server Role selection page, choose Work Folders under File and Storage Services:

 
 
4.     Complete the wizard.

Using PowerShell cmdlet: PS C:\> Add-WindowsFeature FS-SyncShareService

Create Sync Share
Step 9: Using Server Manager UI
A sync share is the unit of management on the sync servers. A sync share maps to a local path where all the user folders will be hosted under, and a group of users who can access the sync share.
1. Launch New Sync Share Wizard from Server Manager
2. Provide the local path where user folders will be created under, type C:\SalesShare, and then click next.

 
Note: There are 2 options to specify the local path:
If you have a local path that is configured to be an SMB share, such as a folder redirection share, you can simply select the first option “Select by file share”. For example, as the screenshot shown above, I had one SMB share created on this server, which points to the C:\finshare location. I can simply enable the path “c:\finshare” for sync by select the first radio button.
If it is a brand new server, and you only creating sync shares, you can provide the local path directly in the second option, which is being demoed in this Step-By-Step.
Creating a sync share simply allows user to access the data hosted on the file server through the Sync protocol, in addition, the same data set can be accessed through SMB or NFS. The wizard makes it easy when creating the sync share, as you can pick the location by either knowing the local path or through a SMB (or NFS) share name. If you are enabling sync share first to a local path, I will also illustrate the steps to enable SMB to the same location, so the legacy client without Work Folders can access the data set through SMB.
Sync share requires the local path to be hosted on NTFS volumes. If the local path is created as part of the UI wizard or cmdlet, the permissions will get inherited from the parent folder by default. After the wizard completes, additional permissions will be added to the local path to ensure users assigned to the sync share can create/access the folder/files under the user folder. The table below shows the minimum NTFS permissions required on the local path, and will be configured by the sync share creation:

User account
Minimum permissions required (configured by Sync Share setup)
Creator/Owner
Full control, subfolders and files only
Security group of users needing sync to the share
List Folder/Read data, Create Folders/Append data, Traverse folder/execute file, Read/Write attributes – this folder only
Local system
Full control, this folder, subfolders and files
Administrator
Read, this folder only
Additional permissions may present on the local path as a result of inheritance, you need to make sure the user accounts listed in the table have the correct permissions after the sync share is created.
3. Select the user folder format, choose the default user alias, and click Next.

 


Note: There are 2 options you can select from the UI:
Options
View in Explorer
Using user alias. This is selected by default, and it is compatible with other technologies such as folder redirection or home folders.
Using alias@domain. This option ensures the uniqueness of the folder name for users across domains.

Sync only the following subfolder: By default, all the folders/files under the user folder will be synced to the devices. This checkbox allows the admin to specify a single subfolder to be synced to the devices. For example, the user folder might contain the following folders as part of a Folder Redirection deployment:

Admin can choose a subfolder “Document” as the folder to be synced to devices, and leaving other folders still functioning with Folder redirection. To do so, check “Sync only the following subfolder”

4. Provide the sync share name and description (optional), and click Next

5. Assign security groups for sync share access by clicking the Add button and entering the Sales security group (created in section User and Security group creation). Then click Next

Note: By default, the admin will not be able to access the user data on the server. If you want to have admin access to user data, uncheck the “Disable inherited permissions and grant users exclusive access to their files” checkbox.
6. Define device policies, and then click Next.

Note: Encryption policies request that the documents in Work Folders on the client devices be encrypted with the Enterprise ID. The Enterprise ID by default is the user primary SMTP email address, (aka proxyAddresses of the user object in AD). Using a different key to encrypt Work Folders ensures that personal documents on the same device are preserved if an admin wipes Work Folders on the device (for example, if the device is stolen).
The password policy enforces the following configuration on user PCs and devices:
  •  Minimum password length of 6
  • Autolock screen set to be 15 minutes or less
  • Maximum password retry of 10 or less
If the device doesn’t meet the policy, user will not be able to configure the Work Folders.

7. Check the sync share settings, and click Create.
Using PowerShell cmdlet: PS C:\>New-SyncShare SalesShare –path C:\SalesShare –User Contoso\Sales -RequireEncryption $true –RequirePasswordAutoLock $true

Enable SMB access
If you want to enable the sync share for SMB access, you can open the Windows Explorer, and navigate to the “This PC” location. Right click on the “SalesShare” folder, and select “Share with” -> “Specific people”. Add Contoso\Sales and change the permission level to “Read/Write”, as shown below:

Complete the UI by clicking on “Share” button.
Now user can also access the dataset through UNC path.
Note: Once the server is enabled for SMB access, server will check for data changes every 5 minutes by default. You can decrease the enumeration time (such as to 1 minute) by running the following cmdlet on the server:
PS C:\> Set-SyncServerSetting -MinimumChangeDetectionMins 1
It increases the server load each time the server enumerates files to detect changes, on the other hand, the changes done locally on the server through SMB can only be detected at each enumeration time. It is a balance act to tolerate change detection delay and the load server can handle.

Client setup
Since we prepared 2 VMs as the client machines, you will need to repeat the following setup on both client machines.
Step 10: Lab testing specific settings
Caution: The following regkey settings are only for lab testing, and should not be configured on any production servers.

1. Allow unsecure connection
By default, client always connect to the server using SSL, which requires the server to have SSL certificate installed and configured. In lab testing, you can configure the client to use http by running the following command on the client:

Reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WorkFolders /v AllowUnsecureConnection /t REG_DWORD /d 1
2. Converting from Email address to Server Url
When user enters the email address, such as Jane@contoso.com, the client will construct the Url ashttps://WorkFolders.contoso.com, and use that Url to communicate with the server. In production environment, you will need to publish the Url for the client to communicate to the server through reverse proxy. In testing, we’ll bypass the Url publication by configure the following regkey:

Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\WorkFolders /v ServerUrl /t REG_SZ /d 
http://syncServer.contoso.com
With this key set, the client will bypass the email address user entered, and use the Url in the regkey to establish the sync partnership.
Also note that, this key will not be present in the RTM release.
3. Change the client polling frequency
By default, client device will poll for change to the server every 10 minutes if there is no local changes under the Work Folders. You can configure the following regkey to speed up the polling to 5 seconds:

Reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WorkFolders /v PollingInterval /t REG_DWORD /d 5
Step 11: WorkFolders setup
1. User can find the setup link in Control Panel->System and Security->Work Folders
2. Provide the user email address, and then click Next.
 

Note: If the client machine is domain joined, user will not be prompted for credentials.
3. Specify where to store Work Folders on the device

Note: Users cannot change the Work Folder location in the preview release of Windows 8.1. This will be changed in the final RTM release.
4. Consent to the device policy, and then click Setup Work Folders.

Work Folders is now configured on the device. You can open File Explorer to see Work Folders.

Once you have configured both client machines, user can access the documents under the Work Folders location from any devices, and the documents will be kept in sync by Work Folders.

Sync in action
To test Work Folders, create a document (using Notepad or any other app) on one of the client machines and save the document under the Work Folders location. In a few moments, you should see the document get synced to the other client machine

Since the sync location was also enabled with SMB access, user can also view the data on computers without Work Folders by typing the UNC path in the explorer: