Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,800 --> 00:00:05,840 Welcome to Jeremy’s IT Lab. This is  a free, complete course for the CCNA.   2 00:00:06,720 --> 00:00:10,320 If you like these videos, please  subscribe to follow along with the series.   3 00:00:11,120 --> 00:00:15,600 Also, please like and leave a comment, and share  the video to help spread this free series of   4 00:00:15,600 --> 00:00:20,880 videos. Thanks for your help. Also, remember  to sign up via the link in the description to   5 00:00:20,880 --> 00:00:25,280 get all of the lab files for this course, so  you can try it out yourself in packet tracer. 6 00:00:26,480 --> 00:00:32,080 If you want more labs like these, I highly  recommend picking up Boson’s NetSim for the CCNA,   7 00:00:32,080 --> 00:00:36,880 click the link in the video description to check  it out. It’s a network simulator like packet   8 00:00:36,880 --> 00:00:41,520 tracer, but it’s even better, and it includes  all of these guided labs to not only help you get   9 00:00:41,520 --> 00:00:46,560 hands-on practice configuring and troubleshooting,  but also deepen your understanding of the exam   10 00:00:46,560 --> 00:00:51,520 topics. If you want to get NetSim, please  follow the link in the video description. 11 00:00:53,840 --> 00:00:58,160 In this video we’ll take a look at Syslog  and practice some basic configurations.   12 00:00:59,200 --> 00:01:03,840 Syslog functionality in Packet Tracer isn’t  perfect, but it’s much more developed than packet   13 00:01:03,840 --> 00:01:10,880 tracer’s SNMP functionality. We’ll take a look  at logging via the console line, the VTY lines,   14 00:01:10,880 --> 00:01:13,600 the buffer, and an external Syslog server. 15 00:01:15,200 --> 00:01:20,000 I’ll start with step 1, which says to  connect to R1’s console port using PC2.   16 00:01:20,960 --> 00:01:24,640 If I click on R1 like this and go to the CLI tab,   17 00:01:24,640 --> 00:01:30,880 this is the same as a console connection. However  accessing the device via a PC is more realistic,   18 00:01:30,880 --> 00:01:38,080 that’s how we connect to real network devices, so  let’s go on PC2. From the desktop tab, click on   19 00:01:38,080 --> 00:01:44,320 terminal, and these default settings are correct  so I’ll click OK. Now we’re in the CLI of R1.   20 00:01:45,200 --> 00:01:51,520 I’ll log in, as it says above the username is  jeremy and password is ccna, and then ENABLE   21 00:01:51,520 --> 00:02:00,320 and the password is ccna again. Now I’ll shut  down the G0/0 interface. CONF T. INTERFACE G0/0.   22 00:02:00,880 --> 00:02:07,280 SHUTDOWN. And we get two Syslog messages. Because  we’re connected to the console line, Syslog   23 00:02:07,280 --> 00:02:12,480 messages are displayed by default. Why are two  messages displayed when the interface goes down?   24 00:02:13,040 --> 00:02:20,240 Let me show you. DO SHOW IP INTERFACE BRIEF. The  first message is referring to the STATUS here,   25 00:02:20,240 --> 00:02:25,120 administratively down. And the second message  is referring to the PROTOCOL column, down.   26 00:02:26,080 --> 00:02:31,520 So, that’s why two messages are displayed.  Okay, let’s enable it again. NO SHUTDOWN.   27 00:02:32,960 --> 00:02:37,760 Okay, all of these messages are considered  severity level 5, also known as notice or   28 00:02:37,760 --> 00:02:42,640 notification. However, these messages don’t  have timestamps, so let’s enable those.   29 00:02:43,600 --> 00:02:50,800 EXIT. SERVICE TIMESTAMPS LOG DATETIME, and if I  try to enter the command it fails, why is that?   30 00:02:51,680 --> 00:02:58,240 In packet tracer we have to enter the MSEC option,  to display milliseconds in the timestamps. In real   31 00:02:58,240 --> 00:03:03,840 Cisco IOS, MSEC is just an option, you don’t have  to include it, but in Packet Tracer we have to.   32 00:03:04,800 --> 00:03:09,040 Okay, now I’ll exit from global config  mode and you can see the log message now   33 00:03:09,040 --> 00:03:14,400 includes a timestamp. I haven’t adjusted  the time of R1 so the time isn’t accurate,   34 00:03:14,400 --> 00:03:18,080 but in a real network it’s of course  very important to have accurate time. 35 00:03:20,160 --> 00:03:26,800 Okay, now let’s move on to step 2 and connect to  R1 from PC1 using Telnet. I’ve already configured   36 00:03:26,800 --> 00:03:32,000 R1 to allow Telnet connections, and I won’t cover  those configurations in this video. I’ll cover   37 00:03:32,000 --> 00:03:38,960 Telnet and SSH in a later video, perhaps the  next one. So, to Telnet to R1 we must open the   38 00:03:38,960 --> 00:03:46,240 command prompt of PC1. Then from here use the  command TELNET, followed by R1’s IP address,   39 00:03:46,240 --> 00:03:53,440 192.168.1.1. And now we’ve connected and can  login, then ENABLE and enter the password.   40 00:03:54,800 --> 00:04:02,320 Okay, so let’s enable another interface and see  if a log message appears. CONF T. INTERFACE G0/1.   41 00:04:03,120 --> 00:04:09,120 NO SHUTDOWN. And no message appears. That’s  because log messages aren’t displayed by default   42 00:04:09,120 --> 00:04:16,079 when connecting via the VTY lines. So, let’s  enable it. By the way, the LOGGING MONITOR command   43 00:04:16,079 --> 00:04:21,759 isn’t actually available in packet tracer, but if  we enable logging for the current Telnet session,   44 00:04:21,760 --> 00:04:27,040 it will be enabled automatically. So, what’s the  command to enable logging to the VTY lines for   45 00:04:27,040 --> 00:04:32,400 the current session? It’s TERMINAL MONITOR  from privileged exec mode, but I can use   46 00:04:32,400 --> 00:04:36,560 DO TERMINAL MONITOR to enable it  here from interface config mode.   47 00:04:37,680 --> 00:04:42,240 Okay, now I’ll disable the interface with  SHUTDOWN, and a log message is displayed.   48 00:04:43,520 --> 00:04:48,000 I said in the lecture video that the TERMINAL  MONITOR command only applies to the current   49 00:04:48,000 --> 00:04:54,000 session, the current connection. If I exit out  of this Telnet session and then connect again,   50 00:04:54,640 --> 00:04:58,560 the logs shouldn’t display unless I  use the TERMINAL MONITOR command again.   51 00:04:59,840 --> 00:05:04,240 Unfortunately, when I was testing the lab in  packet tracer I found that packet tracer doesn’t   52 00:05:04,240 --> 00:05:10,560 function totally accurately. So, even if I exit  out of Telnet and then connect again, log messages   53 00:05:10,560 --> 00:05:15,680 will still display. Don’t worry about that though,  what I taught in the lecture video is correct. 54 00:05:17,920 --> 00:05:23,680 Now let’s do step 3, which is to enable logging  to the buffer. On this router in packet tracer,   55 00:05:23,680 --> 00:05:29,360 logging to the buffer is actually disabled  by default. Let me show you. DO SHOW LOGGING.   56 00:05:30,400 --> 00:05:35,040 Here you can see the logging settings,  and buffer logging is disabled. So,   57 00:05:35,040 --> 00:05:44,400 let’s enable it. EXIT. LOGGING BUFFERED, and set  the size to 8192 bytes. Now, there is no option 58 00:05:44,400 --> 00:05:49,600 to set the level of messages logged to the buffer  in packet tracer. Let’s check the default level.   59 00:05:50,560 --> 00:05:56,880 DO SHOW LOGGING. Okay, looks like the default  level is DEBUGGING, so all messages will be   60 00:05:56,880 --> 00:06:01,840 saved to the buffer. Also, down here it  says ‘trap logging: level informational’.   61 00:06:02,400 --> 00:06:07,680 So, if a Syslog server is configured, messages  of informational severity or higher will be sent. 62 00:06:09,360 --> 00:06:12,800 Now let’s do step 4, which is to  enable logging to the Syslog server,   63 00:06:12,800 --> 00:06:19,440 SRV1, with a level of debugging. So, I can  use either LOGGING, and then the IP address,   64 00:06:19,440 --> 00:06:25,120 or add HOST and then enter the IP  address, which is 192.168.1.100.   65 00:06:26,240 --> 00:06:33,040 So, R1 will now send Syslog messages to SRV1.  But let’s set the severity to debugging. The   66 00:06:33,040 --> 00:06:39,120 command is LOGGING TRAP, and the only option in  packet tracer is DEBUGGING, so let’s do that.   67 00:06:40,320 --> 00:06:45,520 Okay, now I’ll exit from global config mode. And  actually I’ll generate a few more log messages.   68 00:06:46,240 --> 00:06:52,400 CONF T. I’ll enable G0/1 again.  INTERFACE G0/1. NO SHUTDOWN.   69 00:06:53,200 --> 00:06:59,920 And disable it again. SHUTDOWN. And let’s  return to privileged exec mode. END. So,   70 00:06:59,920 --> 00:07:08,080 that generated a few messages, let’s check on  SRV1. On SRV1, click on Services, and then Syslog.   71 00:07:09,120 --> 00:07:13,200 The Syslog server functionality in Packet  Tracer is very primitive, but here are   72 00:07:13,200 --> 00:07:16,101 the messages that were sent from R1 to SRV1.  73 00:07:16,720 --> 00:07:19,600 Okay, in this lab we did some  basic Syslog configurations.   74 00:07:20,400 --> 00:07:25,760 You probably won’t get any questions about syslog  configuration on the CCNA exam, but I think it’s   75 00:07:25,760 --> 00:07:30,560 a good idea to get some hands on practice, even  if it’s limited by packet tracer’s capabilities.   76 00:07:31,360 --> 00:07:37,200 That’s all for this lab. Next let’s take a  look at a bonus lab in Boson Software’s NetSim. 77 00:07:39,200 --> 00:07:45,920 Okay here's today's Boson NetSim practice lab. So,  as I have said Syslog configuration is not part of   78 00:07:45,920 --> 00:07:53,360 the new CCNA exam, so it's also not part of NetSim  for CCNA. So, for today's demo I've selected a   79 00:07:53,360 --> 00:08:01,840 lab from NetSim for ENCOR 350-401, which is the  core exam for the CCNP Enterprise certification.   80 00:08:03,120 --> 00:08:10,240 So that lab is system message logging. Although it  is a CCNP practice lab it's actually quite simple.   81 00:08:10,240 --> 00:08:15,360 So here's the topology. A couple routers,  couple switches, and some PCs, and one of   82 00:08:15,360 --> 00:08:21,280 them is a Syslog server. And these are all the  commands you need to know. So, as you can see,   83 00:08:21,280 --> 00:08:27,520 quite simple. You can definitely do this with  the commands I've already taught you. And it's   84 00:08:27,520 --> 00:08:32,560 just a single task with 10 steps, so let's go  through the whole lab for this demonstration.   85 00:08:34,320 --> 00:08:40,640 Okay, first on Router1, ping SyslogServer. The  ping should be successful. Okay let's see if   86 00:08:41,280 --> 00:08:51,120 it is in fact successful. PING 10.1.0.10. Okay  and it does work. Okay, configure Router1 to   87 00:08:51,120 --> 00:09:00,960 send system log messages to SyslogServer. Okay,  so CONF T. LOGGING, and I could use LOGGING HOST,   88 00:09:00,960 --> 00:09:10,080 or just LOGGING. Both of them have the same  effect. So, 10.1.0.10. That's it. How many   89 00:09:10,080 --> 00:09:19,040 levels of logging are available to trap? So, let  me see. DO SHOW LOGGING. Currently, the level is   90 00:09:19,040 --> 00:09:25,520 informational. So, level 6 all the way  down to 0 will be logged to the server.   91 00:09:28,080 --> 00:09:32,080 LOGGING TRAP. How many are  available? Well, all 8 are available,   92 00:09:32,080 --> 00:09:39,520 even though only 7 are configured at the moment,  0 through 6. Okay, if you configure a device   93 00:09:39,520 --> 00:09:45,440 to trap log messages up to level 7, would you  receive more log messages than if you configured   94 00:09:45,440 --> 00:09:52,960 a device to trap log messages up to level 1?  The answer to that is absolutely yes. If you   95 00:09:52,960 --> 00:10:00,320 configured level 1, that includes only level  1, alerts, and level 0, which is emergencies.   96 00:10:01,520 --> 00:10:04,960 But if you configured level 7,  that includes all of the levels.   97 00:10:07,680 --> 00:10:13,040 Okay, configure Router1 to limit log messages to  the warning severity level. Okay, so the command   98 00:10:13,040 --> 00:10:22,400 is LOGGING TRAP, and then WARNINGS. And let me  verify that, that is step 6. DO SHOW LOGGING.   99 00:10:24,000 --> 00:10:26,320 And here it is. Trap logging level warnings.   100 00:10:29,360 --> 00:10:34,400 Okay, on Switch1 and Switch2, ping  SyslogServer. Okay, let's see if both   101 00:10:34,400 --> 00:10:40,800 switches have connectivity. So I guess these  switches have an IP address maybe on VLAN1.   102 00:10:42,560 --> 00:10:51,920 No, it's VLAN99, they have an IP address.  Okay, so let's try that. PING 10.1.0.10, okay,   103 00:10:51,920 --> 00:10:56,520 that works. And from ping...not  ping2, from server2 (*Switch2~!!).   104 00:10:59,840 --> 00:11:05,760 Okay. So we are going to do the same  configurations on these switches. Configure   105 00:11:05,760 --> 00:11:12,480 them to send Syslog messages to the server, with  a level of warning or higher. And higher means   106 00:11:12,480 --> 00:11:17,520 higher severity, not higher number, because the  higher severities are actually lower in number.   107 00:11:18,880 --> 00:11:28,880 So I'll do it here on Switch2. LOGGING  10.1.0.10. LOGGING TRAP WARNINGS.   108 00:11:30,720 --> 00:11:42,880 And Switch1. LOGGING 10.1.0.10. LOGGING TRAP  WARNINGS. Okay, and verify the configuration.   109 00:11:42,880 --> 00:11:49,280 DO SHOW LOGGING. We've already got a bunch  of messages here, that is in the buffer.   110 00:11:51,600 --> 00:12:00,560 Okay, the level is warnings, looks good.  Switch2, again trap logging level warnings.   111 00:12:02,800 --> 00:12:07,360 Okay, so that's it, pretty quick and simple  lab. And since we've done the whole lab   112 00:12:07,360 --> 00:12:11,520 let's see if we did it correctly. So, I'll use  the grade lab function here and we'll check   113 00:12:11,520 --> 00:12:13,520 our configurations to see if they are correct.   114 00:12:16,080 --> 00:12:23,360 Okay, looks good. So, all green check marks  are here, so no mistakes. If we had any   115 00:12:23,360 --> 00:12:27,040 missing commands they would be highlighted.  They would be shown here, but highlighted in   116 00:12:27,040 --> 00:12:32,000 red. And if we had any extra commands that we  didn't need they would be highlighted in blue.   117 00:12:36,960 --> 00:12:42,320 Okay, so that was a quick look at Boson  NetSim. This time not for CCNA but for CCNP.   118 00:12:43,120 --> 00:12:48,240 This is a great source of detailed, guided  practice labs for the CCNA and for the   119 00:12:48,240 --> 00:12:52,800 CCNP. If you want to get NetSim, please  follow the link in the video description. 120 00:12:54,560 --> 00:12:59,200 Before finishing today’s video I want  to thank my JCNP-level channel members.   121 00:12:59,200 --> 00:13:05,280 To join, please click the ‘Join’ button under  the video. Thank you to Kenneth, Seamus, H W,   122 00:13:05,280 --> 00:13:11,280 Brandon, Samil, Aaron, Tech Alameda, Marcel, Kone,  Donald, C Mohd, Gustavo, Anthony, Biraj, Junhong,   123 00:13:11,280 --> 00:13:16,880 Benjamin, Tshepiso, Justin, Prakaash, Nasir,  Erlison, Apogee, Marko, Daming, Jhilmar, Ed,   124 00:13:16,880 --> 00:13:22,640 Value, John, Funnydart, Velvijaykum, Mark, Yousif,  Boson Software, Devin, Lito, Yonatan, and Vance.   125 00:13:23,360 --> 00:13:27,280 Sorry if I pronounced your name incorrectly,  but thank you so much for your support.   126 00:13:27,840 --> 00:13:34,720 This is the list of JCNP-level members at the time  of recording by the way, February 14th 2021. If   127 00:13:34,720 --> 00:13:39,280 you signed up recently and your name isn’t on  here don’t worry, you’ll be in future videos. 128 00:13:41,200 --> 00:13:44,240 Thank you for watching. Please  subscribe to the channel,   129 00:13:44,240 --> 00:13:48,960 like the video, leave a comment, and share the  video with anyone else studying for the CCNA.   130 00:13:50,080 --> 00:13:55,680 If you want to leave a tip, check the links in the  description. I'm also a Brave verified publisher   131 00:13:55,680 --> 00:14:01,840 and accept BAT, or Basic Attention Token, tips  via the Brave browser. That's all for now. 16783