-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.html
More file actions
1090 lines (1016 loc) · 56.2 KB
/
index.html
File metadata and controls
1090 lines (1016 loc) · 56.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<title>Admin Guide</title>
<link rel="stylesheet" href="style.css" />
<style>
html {
scroll-behavior: smooth;
}
</style>
</head>
<body>
<div class="container">
<nav class="sidebar">
<h2>Admin Guide</h2>
<ul>
<li><a href="#section1">1. IP Incompatibility Issue</a></li>
<li><a href="#section2">2. Misconfigured Dns Issue</a></li>
<li><a href="#section3">3. DHCP Full Pool Issue</a></li>
<li><a href="#section4">4. Static Routing Issue</a></li>
<li><a href="#section5">5. ACL Block Issue</a></li>
<li><a href="#section6">6. Switch Loop Issue</a></li>
<li><a href="#section7">7. Packet Loss and Latency Issue</a></li>
<li><a href="#section8">8. Port Access Issues</a></li>
<li><a href="#section9">9. Duplex Mismatch Issue</a></li>
<li><a href="#section10">10. Default Gateway Misconfiguration Issue</a></li>
</ul>
<div class="prepared-by">
<p class="name">Soner BAŞAK</p>
<p class="student-id">🎓 Öğrenci No: <strong>210316013</strong></p>
</div>
</nav>
<main class="content">
<!-- SECTION 1 -->
<section id="section1">
<h2>1. IP Incompatibility Issue – CISCO L3 (Network Layer)</h2>
<h3>1.1 Network Topology Overview</h3>
<ul>
<li>PC0 and PC1 are directly connected to the same Switch0.</li>
<li>Both PCs are manually configured with IP addresses in different network ranges, causing communication failure.</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>192.168.1.2</td><td>255.255.255.0</td><td>192.168.1.1</td></tr>
<tr><td>PC1</td><td>192.168.2.2</td><td>255.255.255.0</td><td>192.168.2.1</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/1.png" alt="images/1.Subnet-Mask-Mismatch/1.png" class="screenshot"/>
</div>
<h3>1.2 Issue Description</h3>
<ul>
<li>PC0 belongs to 192.168.1.0/24, PC1 belongs to 192.168.2.0/24.</li>
<li>Same subnet mask, different networks → no direct communication.</li>
<li>PC1’s gateway is outside its subnet → packet drop/failure.</li>
<li>Ping tests fail between PC0 and PC1.</li>
</ul>
<h3>1.3 Diagnosis Steps</h3>
<ol>
<li>Verify IP and subnet config on PC0 and PC1 (FastEthernet0)</li>
<li>Commands on both PCs:
<ul class="no-number">
<li><strong>PC0:</strong>
<pre>ipconfig</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/2.png" alt="images/1.Subnet-Mask-Mismatch/2.png" class="screenshot"/>
</div>
<pre>arp -a</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/3.png" alt="images/1.Subnet-Mask-Mismatch/3.png" class="screenshot"/>
</div>
<pre>ping 192.168.2.2</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/4.png" alt="images/1.Subnet-Mask-Mismatch/4.png" class="screenshot"/>
</div>
</li>
<li><strong>PC1:</strong>
<pre>ipconfig</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/5.png" alt="images/1.Subnet-Mask-Mismatch/5.png" class="screenshot"/>
</div>
<pre>arp -a</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/6.png" alt="images/1.Subnet-Mask-Mismatch/6.png" class="screenshot"/>
</div>
<pre>ping 192.168.1.2</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/7.png" alt="images/1.Subnet-Mask-Mismatch/7.png" class="screenshot"/>
</div>
</li>
</ul>
</li>
<li>Check MAC table on the switch</li>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/8.png" alt="images/1.Subnet-Mask-Mismatch/8.png" class="screenshot"/>
</div>
</ol>
<h3>1.4 Resolution Steps</h3>
<ul>
<li>Use same subnet for both PCs</li>
<li>Or configure routing</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>192.168.1.2</td><td>255.255.255.0</td><td>192.168.1.1</td></tr>
<tr><td>PC1</td><td>192.168.1.3</td><td>255.255.255.0</td><td>192.168.1.1</td></tr>
</tbody>
</table>
<h3>1.5 Validation</h3>
<pre>ping 192.168.1.2</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/9.png" alt="images/1.Subnet-Mask-Mismatch/9.png" class="screenshot"/>
</div>
<pre>ping 192.168.1.3</pre>
<div class="img-center">
<img src="images/1.Subnet-Mask-Mismatch/10.png" alt="images/1.Subnet-Mask-Mismatch/10.png" class="screenshot"/>
</div>
<h3>1.6 Conclusion</h3>
<ul>
<li>Same subnet mask ≠ same network</li>
<li>Default gateway outside subnet = failure</li>
<li>Consistent IP plan or routing is a must</li>
</ul>
<p><strong><a href="packets/1-ip_incompatibility_issue_L3.pkt" download>Download: IP Incompatibility Issue .pkt</a></strong></p>
<p><strong><a href="packets/1-ip_incompatibility_solved_L3.pkt" download>Download: IP Incompatibility Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 2 -->
<section id="section2">
<h2>2. Misconfigured Dns Issue - CISCO L5 (Application Layer)</h2>
<h3>2.1 Network Topology Overview</h3>
<ul>
<li>PC0, PC1, DNS and Web Server in same local network</li>
<li>PCs use 192.168.1.3 as DNS server</li>
<li>Web access depends on www.test.com resolution</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Gateway</th><th>DNS</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>192.168.1.10</td><td>255.255.255.0</td><td>192.168.1.1</td><td>192.168.1.3</td></tr>
<tr><td>PC1</td><td>192.168.1.11</td><td>255.255.255.0</td><td>192.168.1.1</td><td>192.168.1.3</td></tr>
<tr><td>DNS Server</td><td>192.168.1.3</td><td>255.255.255.0</td><td>192.168.1.1</td><td>—</td></tr>
<tr><td>Web Server</td><td>192.168.1.100</td><td>255.255.255.0</td><td>192.168.1.1</td><td>—</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/0.png" alt="images/2.DNS-Resolution-Failure/.png" class="screenshot"/>
</div>
<h3>2.2 Issue Description</h3>
<ul>
<li>DNS A record incorrect → www.test.com → 192.168.1.101</li>
<li>No host at 192.168.1.101 → failure</li>
<li>nslookup and ping fail</li>
</ul>
<h3>2.3 Diagnosis Steps</h3>
<ol>
<li>Check DNS config on PCs</li>
<li>Run:
<pre>nslookup www.test.com</pre>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/1.png" alt="images/2.DNS-Resolution-Failure/1.png" class="screenshot"/>
</div>
<pre>ping 192.168.1.3</pre>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/2.png" alt="images/2.DNS-Resolution-Failure/2.png" class="screenshot"/>
</div>
<pre>ping www.test.com</pre>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/3.png" alt="images/2.DNS-Resolution-Failure/3.png" class="screenshot"/>
</div>
</li>
<li>On DNS Server > Services > DNS:
<ul><li>Check A record: should be 192.168.1.100</li></ul>
</li>
</ol>
<h3>2.4 Resolution Steps</h3>
<ul>
<li>Edit A record:
<br><strong>www.test.com → 192.168.1.100</strong>
</li>
<li>Ensure DNS service is active</li>
</ul>
<h3>2.5 Validation</h3>
<pre>nslookup www.test.com</pre>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/4.png" alt="images/2.DNS-Resolution-Failure/4.png" class="screenshot"/>
</div>
<pre>ping www.test.com</pre>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/6.png" alt="images/2.DNS-Resolution-Failure/6.png" class="screenshot"/>
</div>
<pre>Visit: http://www.test.com</pre>
<div class="img-center">
<img src="images/2.DNS-Resolution-Failure/5.png" alt="images/2.DNS-Resolution-Failure/5.png" class="screenshot"/>
</div>
<h3>2.6 Conclusion</h3>
<ul>
<li>DNS misconfig = name resolution fails</li>
<li>Correct A record + active service = success</li>
<li>PCs must point to correct DNS IP</li>
</ul>
<p><strong><a href="packets/2-misconfigured_dns_issue_L7.pkt" download>Download: Misconfigured DNS Issue .pkt</a></strong></p>
<p><strong><a href="packets/2-misconfigured_dns_solved_L7.pkt" download>Download: Misconfigured DNS Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 3 -->
<section id="section3">
<h2>3. DHCP Full Pool Issue – CISCO L5 (Application Layer)</h2>
<h3>3.1 Network Topology Overview</h3>
<ul>
<li>PC0, PC1 and PC2 are connected to Switch0</li>
<li>DHCP Server is on the same switch</li>
<li>DHCP pool contains only 2 IP addresses</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th><th>DHCP Status</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>DHCP</td><td>—</td><td>—</td><td>Client</td></tr>
<tr><td>PC1</td><td>DHCP</td><td>—</td><td>—</td><td>Client</td></tr>
<tr><td>PC2</td><td>DHCP</td><td>—</td><td>—</td><td>Client</td></tr>
<tr><td>DHCP Server</td><td>192.168.1.1</td><td>255.255.255.0</td><td>—</td><td>Server</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/1.png" alt="images/3.DHCP-Pool-Exhaustion/1.png" class="screenshot"/>
</div>
<h3>3.2 Issue Description</h3>
<ul>
<li>DHCP pool has only 2 addresses</li>
<li>PC0 and PC1 get IPs, but PC2 fails</li>
<li>PC2 shows 169.254.x.x or no IP</li>
<li>PC2 cannot communicate on the network</li>
</ul>
<h3>3.3 Diagnosis Steps</h3>
<ol>
<li>On all PCs, check DHCP settings:
<ul><li>Desktop > IP Configuration → DHCP</li></ul>
</li>
<li>Run on each PC:
<ul class="no-number">
<li><strong>PC0:</strong>
<pre>ipconfig</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/2.png" alt="images/3.DHCP-Pool-Exhaustion/2.png" class="screenshot"/>
</div>
<pre>ping 192.168.1.1</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/3.png" alt="images/3.DHCP-Pool-Exhaustion/3.png" class="screenshot"/>
</div>
</li>
<li><strong>PC1:</strong>
<pre>ipconfig</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/4.png" alt="images/3.DHCP-Pool-Exhaustion/4.png" class="screenshot"/>
</div>
<pre>ping 192.168.1.1</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/5.png" alt="images/3.DHCP-Pool-Exhaustion/5.png" class="screenshot"/>
</div>
</li>
<li><strong>PC2:</strong>
<pre>ipconfig</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/6.png" alt="images/3.DHCP-Pool-Exhaustion/6.png" class="screenshot"/>
</div>
<pre>ping 192.168.1.1</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/7.png" alt="images/3.DHCP-Pool-Exhaustion/7.png" class="screenshot"/>
</div>
</li>
</ul>
</li>
<li>On DHCP Server > Services > DHCP:
<ul><li>Review IP pool configuration</li></ul>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/8.png" alt="images/3.DHCP-Pool-Exhaustion/8.png" class="screenshot"/>
</div>
</li>
</ol>
<h3>3.4 Resolution Steps</h3>
<ul>
<li>Increase DHCP pool to at least 3 IPs</li>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/9.png" alt="images/3.DHCP-Pool-Exhaustion/9.png" class="screenshot"/>
</div>
<li>Save DHCP settings</li>
<li>On PC2: IP Configuration → Click DHCP to renew</li>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/10.png" alt="images/3.DHCP-Pool-Exhaustion/10.png" class="screenshot"/>
</div>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th><th>DHCP Status</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>192.168.1.10</td><td>255.255.255.0</td><td>192.168.1.1</td><td>From DHCP</td></tr>
<tr><td>PC1</td><td>192.168.1.11</td><td>255.255.255.0</td><td>192.168.1.1</td><td>From DHCP</td></tr>
<tr><td>PC2</td><td>192.168.1.12</td><td>255.255.255.0</td><td>192.168.1.1</td><td>From DHCP</td></tr>
</tbody>
</table>
<h3>3.5 Validation</h3>
<ol>
<li>ipconfig on all PCs:
<ul>
<li>PC0: 192.168.1.10</li>
<li>PC1: 192.168.1.11</li>
<li>PC2: 192.168.1.12</li>
</ul>
</li>
<li>PC2:
<pre>ping 192.168.1.1</pre>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/11.png" alt="images/3.DHCP-Pool-Exhaustion/11.png" class="screenshot"/>
</div>
</li>
<li>PC0 → ping PC2</li>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/12.png" alt="images/3.DHCP-Pool-Exhaustion/12.png" class="screenshot"/>
</div>
<li>PC2 → ping PC1</li>
<div class="img-center">
<img src="images/3.DHCP-Pool-Exhaustion/13.png" alt="images/3.DHCP-Pool-Exhaustion/13.png" class="screenshot"/>
</div>
</ol>
<h3>3.6 Conclusion</h3>
<ul>
<li>Limited DHCP pool caused failure for PC2</li>
<li>APIPA or unconfigured IP indicates DHCP starvation</li>
<li>Solution: expand pool, monitor usage regularly</li>
</ul>
<p><strong><a href="packets/3-dhcp-full-pool-issue_L7.pkt" download>Download: DHCP Full Pool Issue .pkt</a></strong></p>
<p><strong><a href="packets/3-dhcp-full-pool-solved_L7.pkt" download>Download: DHCP Full Pool Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 4 -->
<section id="section4">
<h2>4. Static Routing Issue – CISCO L3 (Network Layer)</h2>
<h3>4.1 Network Topology Overview</h3>
<ul>
<li>Two routers connect two separate LANs</li>
<li>PC0 and PC1 are on different subnets</li>
<li>Static route missing or misconfigured on Router0</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>Interface / Description</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>—</td><td>192.168.1.10</td><td>255.255.255.0</td><td>192.168.1.1</td></tr>
<tr><td>Router0</td><td>Gi0/0/0</td><td>192.168.1.1</td><td>255.255.255.0</td><td>—</td></tr>
<tr><td>Router0</td><td>Gi0/0/1</td><td>10.0.0.1</td><td>255.255.255.252</td><td>—</td></tr>
<tr><td>Router1</td><td>Gi0/0/1</td><td>10.0.0.2</td><td>255.255.255.252</td><td>—</td></tr>
<tr><td>Router1</td><td>Gi0/0/0</td><td>192.168.2.1</td><td>255.255.255.0</td><td>—</td></tr>
<tr><td>PC1</td><td>—</td><td>192.168.2.10</td><td>255.255.255.0</td><td>192.168.2.1</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/4.Static-Routing-Problem/1.png" alt="images/4.Static-Routing-Problem/1.png" class="screenshot"/>
</div>
<h3>4.2 Issue Description</h3>
<ul>
<li>PC0 cannot reach PC1</li>
<li>Router0 lacks a static route to 192.168.2.0/24</li>
<li>Packets are dropped by Router0</li>
</ul>
<h3>4.3 Diagnosis Steps</h3>
<ol>
<li>On Router0:
<pre>show ip route</pre>
<div class="img-center">
<img src="images/4.Static-Routing-Problem/2.png" alt="images/4.Static-Routing-Problem/2.png" class="screenshot"/>
</div>
<ul><li>192.168.2.0/24 not listed</li></ul>
</li>
<li>Check static routes:
<pre>show running-config | include ip route</pre>
<ul><li>No route to 192.168.2.0/24</li></ul>
</li>
<li>Ping tests:
<ul>
<li>PC0 → ping 192.168.1.1 → success</li>
<li>PC0 → ping 192.168.2.10 → fails</li>
</ul>
</li>
</ol>
<h3>4.4 Resolution Steps</h3>
<ul>
<li>Add static route on Router0:
<pre>Router0(config)# ip route 192.168.2.0 255.255.255.0 10.0.0.2</pre>
</li>
<li>This tells Router0 to reach 192.168.2.0 via Router1</li>
</ul>
<h3>4.5 Validation</h3>
<ol>
<li>Check routing table:
<pre>show ip route</pre>
<div class="img-center">
<img src="images/4.Static-Routing-Problem/3.png" alt="images/4.Static-Routing-Problem/3.png" class="screenshot"/>
</div>
<ul><li>192.168.2.0 should now be listed as static</li></ul>
</li>
<li>Ping test:
<pre>PC0> ping 192.168.2.10</pre>
<div class="img-center">
<img src="images/4.Static-Routing-Problem/4.png" alt="images/4.Static-Routing-Problem/4.png" class="screenshot"/>
</div>
</li>
<li>Traceroute to verify path:
<pre>PC0> tracert 192.168.2.10</pre>
<div class="img-center">
<img src="images/4.Static-Routing-Problem/5.png" alt="images/4.Static-Routing-Problem/5.png" class="screenshot"/>
</div>
</li>
</ol>
<h3>4.6 Conclusion</h3>
<ul>
<li>Missing static routes prevent inter-network communication</li>
<li>Correct static route configuration restores connectivity</li>
<li>Verify all route paths and next-hop addresses in routing setups</li>
</ul>
<p><strong><a href="packets/4-static_routing_issue_L3.pkt" download>Download: Static Routing Issue .pkt</a></strong></p>
<p><strong><a href="packets/4-static_routing_solved_L3.pkt" download>Download: Static Routing Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 5 -->
<section id="section5">
<h2>5. ACL Block Issue – CISCO L3 (Network Layer)</h2>
<h3>5.1 Network Topology Overview</h3>
<ul>
<li>Three VLANs connected via Router-on-a-Stick configuration</li>
<li>PC0 in VLAN 10 (192.168.1.0/24), PC1 in VLAN 20 (192.168.2.0/24)</li>
<li>DNS Server and Web Server in VLAN 30 (192.168.3.0/24)</li>
<li>ACL initially blocks PC0 from accessing VLAN 30</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>192.168.1.10</td><td>255.255.255.0</td><td>192.168.1.1</td></tr>
<tr><td>PC1</td><td>192.168.2.10</td><td>255.255.255.0</td><td>192.168.2.1</td></tr>
<tr><td>DNS Server</td><td>192.168.3.10</td><td>255.255.255.0</td><td>192.168.3.1</td></tr>
<tr><td>Web Server</td><td>192.168.3.11</td><td>255.255.255.0</td><td>192.168.3.1</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/5.ACL-Block/1.png" alt="images/5.ACL-Block/1.png" class="screenshot"/>
</div>
<h3>5.2 Issue Description</h3>
<ul>
<li>PC0 is unable to reach the DNS and Web servers</li>
<li>An ACL is applied on the router interface for VLAN 10</li>
<li>ACL denies traffic from 192.168.1.10 to 192.168.3.10 and 192.168.3.11</li>
</ul>
<h3>5.3 Diagnosis Steps</h3>
<ol>
<li>From PC0:
<pre>ping 192.168.3.10</pre>
<div class="img-center">
<img src="images/5.ACL-Block/2.png" alt="images/5.ACL-Block/2.png" class="screenshot"/>
</div>
<pre>ping 192.168.3.11</pre>
<div class="img-center">
<img src="images/5.ACL-Block/3.png" alt="images/5.ACL-Block/3.png" class="screenshot"/>
</div>
</li>
<li>From PC1:
<pre>ping 192.168.3.10</pre>
<div class="img-center">
<img src="images/5.ACL-Block/4.png" alt="images/5.ACL-Block/4.png" class="screenshot"/>
</div>
<pre>ping 192.168.3.11</pre>
<div class="img-center">
<img src="images/5.ACL-Block/5.png" alt="images/5.ACL-Block/5.png" class="screenshot"/>
</div>
</li>
<li>On Router:
<pre>show access-lists</pre>
<div class="img-center">
<img src="images/5.ACL-Block/6.png" alt="images/5.ACL-Block/6.png" class="screenshot"/>
</div>
<pre>show run | include access-list</pre>
<div class="img-center">
<img src="images/5.ACL-Block/7.png" alt="images/5.ACL-Block/7.png" class="screenshot"/>
</div>
</li>
</ol>
<h3>5.4 Resolution Steps</h3>
<ul>
<li>Initial ACL blocking PC0:
<pre>
access-list 100 deny ip host 192.168.1.10 host 192.168.3.10
access-list 100 deny ip host 192.168.1.10 host 192.168.3.11
access-list 100 permit ip any any
interface GigabitEthernet0/0/0.10
ip access-group 100 in
</pre>
</li>
<li>To allow PC0 again, remove old ACL and replace with permissive rule:
<pre>
no access-list 100
access-list 100 permit ip any any
</pre>
</li>
<li>Ensure ACL is re-applied to interface:
<pre>
interface GigabitEthernet0/0/0.10
ip access-group 100 in
</pre>
</li>
</ul>
<h3>5.5 Validation</h3>
<ol>
<li>From PC0:
<pre>ping 192.168.3.10 → Success</pre>
<div class="img-center">
<img src="images/5.ACL-Block/8.png" alt="images/5.ACL-Block/8.png" class="screenshot"/>
</div>
<pre>ping 192.168.3.11 → Success</pre>
<div class="img-center">
<img src="images/5.ACL-Block/9.png" alt="images/5.ACL-Block/9.png" class="screenshot"/>
</div>
</li>
</ol>
<h3>5.6 Conclusion</h3>
<ul>
<li>Initial ACL successfully blocked PC0 from accessing servers</li>
<li>Diagnosis confirmed block was ACL-related</li>
<li>Removing or modifying the ACL restored access</li>
<li>Layer 3 ACLs effectively control inter-VLAN communication</li>
</ul>
<p><strong><a href="packets/5-acl-block-issue-L3.pkt" download>Download: ACL Block Issue .pkt</a></strong></p>
<p><strong><a href="packets/5-acl-block-solved-L3.pkt" download>Download: ACL Block Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 6 -->
<section id="section6">
<h2>6. Switch Loop Issue - CISCO L2 (Data Link Layer)</h2>
<h3>6.1 Network Topology Overview</h3>
<ul>
<li>Three switches (Switch1, Switch2, Switch3) are connected in a triangular topology</li>
<li>PC0 is connected to Switch1, and PC1 is connected to Switch3</li>
<li>This creates a Layer 2 loop if Spanning Tree Protocol (STP) is not active</li>
<li>PCs are connected to Switch1 and Switch3</li>
<li>By default, STP is enabled and manages redundant links</li>
</ul>
<div class="img-center">
<img src="images/6.Switch-Loop-Issue/1.png" alt="images/6.Switch-Loop-Issue/1.png" class="screenshot"/>
</div>
<h3>6.2 Issue Description (When STP is Disabled)</h3>
<ul>
<li>Layer 2 switches rely on MAC address learning and frame flooding</li>
<li>In a looped topology without STP, broadcast and unknown unicast frames endlessly circulate</li>
<li>This results in a broadcast storm, exhausting bandwidth and CPU resources</li>
<li>Consequently, hosts are unable to communicate effectively</li>
</ul>
<h3>6.3 Diagnosis Steps</h3>
<ol>
<li>Observe network behavior:
<ul>
<li>Excessive LED activity on switch ports</li>
<li>PCs fail to ping or obtain IP addresses</li>
<li>Switch CLI shows high CPU usage</li>
</ul>
</li>
<li>Run diagnostics on switches:
<ul>
<li>Check MAC address table:
<pre>Switch# show mac address-table</pre>
<div class="image-row">
<img src="images/6.Switch-Loop-Issue/2S1.png" alt="Switch1" class="row-img" />
<img src="images/6.Switch-Loop-Issue/2S2.png" alt="Switch2" class="row-img" />
<img src="images/6.Switch-Loop-Issue/2S3.png" alt="Switch3" class="row-img" />
</div>
<li>Entries may appear duplicated, unstable, or rapidly changing</li>
</ul>
</li>
<li>Temporarily disconnect one redundant link:
<ul>
<li>If the network stabilizes, the loop was the root cause</li>
</ul>
</li>
</ol>
<h3>6.4 Resolution Steps (Enabling STP)</h3>
<ul>
<li>STP is enabled by default on Cisco switches. Verify with:
<pre>Switch# show spanning-tree</pre>
<div class="image-row">
<img src="images/6.Switch-Loop-Issue/3S1.png" alt="Switch1" class="row-img"/>
<img src="images/6.Switch-Loop-Issue/3S2.png" alt="Switch2" class="row-img"/>
<img src="images/6.Switch-Loop-Issue/3S3.png" alt="Switch3" class="row-img"/>
</div>
</li>
<li>If needed, configure or re-enable STP explicitly:
<pre>Switch(config)# spanning-tree mode pvst</pre>
</li>
<li>If STP was disabled on a VLAN (not recommended), re-enable it:
<pre>Switch(config)# spanning-tree vlan 1</pre>
</li>
<li>After enabling, STP elects a Root Bridge (e.g., Switch1)</li>
<li>One of the redundant ports (e.g., Switch3's Fa0/2) is placed in <strong>blocking (Altn BLK)</strong> state to prevent loops</li>
</ul>
<h3>6.5 Validation</h3>
<ol>
<li>Ensure STP is operational and port roles are correctly assigned:
<pre>Switch# show spanning-tree</pre>
<div class="img-center">
<img src="images/6.Switch-Loop-Issue/4S1.png" alt="images/6.Switch-Loop-Issue/1.png" class="row-img"/>
<img src="images/6.Switch-Loop-Issue/4S2.png" alt="images/6.Switch-Loop-Issue/2.png" class="row-img"/>
<img src="images/6.Switch-Loop-Issue/4S3.png" alt="images/6.Switch-Loop-Issue/3.png" class="row-img"/>
</div>
<ul>
<li>Look for one Root Bridge across the switches</li>
<li>Verify that at least one port is in blocking state</li>
</ul>
</li>
<li>Test connectivity:
<ul>
<li>PCs should be able to ping each other</li>
<li>No signs of broadcast storm or congestion</li>
</ul>
</li>
<li>Check MAC address table:
<pre>Switch# show mac address-table</pre>
<div class="image-row">
<img src="images/6.Switch-Loop-Issue/5S1.png" alt="images/6.Switch-Loop-Issue/1.png" class="row-img"/>
<img src="images/6.Switch-Loop-Issue/5S2.png" alt="images/6.Switch-Loop-Issue/2.png" class="row-img"/>
<img src="images/6.Switch-Loop-Issue/5S3.png" alt="images/6.Switch-Loop-Issue/3.png" class="row-img"/>
</div>
<ul>
<li>Entries should be stable and mapped to correct ports</li>
</ul>
</li>
</ol>
<h3>6.6 Conclusion</h3>
<ul>
<li>Switch loops are critical Layer 2 issues that lead to broadcast storms and network collapse</li>
<li>STP dynamically prevents loops by blocking redundant paths while maintaining redundancy</li>
<li>Always keep STP enabled in topologies with multiple switch interconnections</li>
</ul>
<p><strong><a href="packets/6-switch-loop-issue_L2.pkt" download>Download: Switch Loop Issue .pkt</a></strong></p>
<p><strong><a href="packets/6-switch-loop-solved_L2.pkt" download>Download: Switch Loop Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 7 -->
<section id="section7">
<h2>7. Packet Loss and Latency Issue – CISCO L3-4 (Network-Transport Layer)</h2>
<h3>7.1 Network Topology Overview</h3>
<ul>
<li>Two PCs connected through individual switches to a router</li>
<li>A router is used to route traffic between different subnets</li>
<li>No web server or QoS is used in this scenario</li>
<li>A misconfigured router interface simulates packet loss and latency</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>IP Address</th><th>Subnet Mask</th><th>Default Gateway</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>192.168.1.10</td><td>255.255.255.0</td><td>192.168.1.1</td></tr>
<tr><td>PC1</td><td>192.168.2.10</td><td>255.255.255.0</td><td>192.168.2.1</td></tr>
<tr><td>Router</td><td>G0/0/0: 192.168.1.1<br>G0/0/1: 192.168.2.1</td><td>255.255.255.0</td><td>—</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/7.Packet-Loss-and-Latency/1.png" alt="images/7.Packet-Loss-and-Latency/1.png" class="screenshot"/>
</div>
<h3>7.2 Issue Description</h3>
<ul>
<li>The router interface G0/0/1 is administratively down, simulating a connection issue</li>
<li>As a result, communication between PCs fails</li>
<li>Ping from PC0 to PC1 results in packet loss (timeout)</li>
</ul>
<h3>7.3 Diagnosis Steps</h3>
<ol>
<li>Use Packet Tracer simulation mode and send a ping from PC0 to PC1:
<pre>ping 192.168.2.10</pre>
<div class="img-center">
<img src="images/7.Packet-Loss-and-Latency/2.png" alt="images/7.Packet-Loss-and-Latency/2.png" class="screenshot"/>
</div>
</li>
<li>Observe the response:
<ul>
<li>Ping fails with "Request timed out" and "Destination host unreachable"</li>
<li>100% packet loss occurs</li>
</ul>
</li>
<li>Access the router CLI and verify interface status:
<pre>
Router> enable
Router# show ip interface brief
</pre>
</li>
<div class="img-center">
<img src="images/7.Packet-Loss-and-Latency/3.png" alt="images/7.Packet-Loss-and-Latency/3.png" class="screenshot"/>
</div>
<li>Note that the interface G0/0/1 is "administratively down"</li>
</ol>
<h3>7.4 Resolution Steps</h3>
<ul>
<li>Activate the router interface G0/0/1:
<pre>
Router> enable
Router# configure terminal
Router(config)# interface gigabitethernet0/0/1
Router(config-if)# no shutdown
</pre>
</li>
<div class="img-center">
<img src="images/7.Packet-Loss-and-Latency/4.png" alt="images/7.Packet-Loss-and-Latency/4.png" class="screenshot"/>
</div>
<li>Verify that the interface is now "up"</li>
<li>No further configuration changes are needed since IP settings are already correct</li>
</ul>
<h3>7.5 Validation</h3>
<ol>
<li>Repeat the ping test from PC0 to PC1:
<pre>ping 192.168.2.10</pre>
<div class="img-center">
<img src="images/7.Packet-Loss-and-Latency/5.png" alt="iimages/7.Packet-Loss-and-Latency/5.png" class="screenshot"/>
</div>
<ul>
<li>Ping replies should now be received</li>
<li>No packet loss should occur</li>
</ul>
</li>
<li>Check the simulation event list:
<ul>
<li>No dropped packets should be observed</li>
</ul>
</li>
</ol>
<h3>7.6 Conclusion</h3>
<ul>
<li>Packet loss and latency may occur due to basic misconfigurations such as a disabled router interface</li>
<li>Regular CLI checks like <code>show ip interface brief</code> help quickly identify such issues</li>
<li>Proper configuration and active interfaces are critical for inter-subnet communication</li>
<li>Ping tests and Packet Tracer simulation are effective tools for validating network connectivity</li>
</ul>
<p><strong><a href="packets/7-packet_loss_issue_L3-4.pkt" download>Download: Packet Loss and Latency Issue .pkt</a></strong></p>
<p><strong><a href="packets/7-packet_loss_solved_L3-4.pkt" download>Download: Packet Loss and Latency Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 8 -->
<section id="section8">
<h2>8. Port Access Issues – CISCO Layer 2 (Data Link Layer)</h2>
<h3>8.1 Network Topology Overview</h3>
<ul>
<li>PC0 and PC1 are connected to different ports on Switch0</li>
<li>Both PCs are expected to be in the same VLAN for communication</li>
<li>PC0 is correctly assigned to VLAN 10</li>
<li>PC1 is mistakenly assigned to VLAN 20</li>
</ul>
<table>
<thead>
<tr><th>Device</th><th>Port</th><th>IP Address</th><th>Subnet Mask</th><th>VLAN</th></tr>
</thead>
<tbody>
<tr><td>PC0</td><td>FastEthernet0/1</td><td>192.168.10.10</td><td>255.255.255.0</td><td>10</td></tr>
<tr><td>PC1</td><td>FastEthernet0/2</td><td>192.168.10.11</td><td>255.255.255.0</td><td>20</td></tr>
<tr><td>Switch0</td><td>—</td><td>—</td><td>—</td><td>Configured for VLAN 10 and 20</td></tr>
</tbody>
</table>
<div class="img-center">
<img src="images/8.Port-Access-Issue/1.png" alt="images/8.Port-Access-Issue/1.png" class="screenshot"/>
</div>
<h3>8.2 Issue Description</h3>
<ul>
<li>PC0 and PC1 are unable to ping each other</li>
<li>Both IP addresses are in the same subnet, but communication fails</li>
<li>The cause is misconfigured VLAN assignment on Switch0</li>
<li>Ports are isolated due to being in different VLANs</li>
</ul>
<h3>8.3 Diagnosis Steps</h3>
<ol>
<li>On Switch0, check VLAN assignment:
<pre>Switch# show vlan brief</pre>
<div class="img-center">
<img src="images/8.Port-Access-Issue/2.png" alt="images/8.Port-Access-Issue/2.png" class="screenshot"/>
</div>
<ul>
<li>Verify which ports are in VLAN 10 and VLAN 20</li>
<li>PC1's port (Fa0/2) incorrectly appears under VLAN 20</li>
</ul>
</li>
<li>Ping test:
<ul>
<li>PC0 > ping 192.168.10.11 → Fails</li>
<div class="img-center">
<img src="images/8.Port-Access-Issue/3.png" alt="images/8.Port-Access-Issue/3.png" class="screenshot"/>
</div>
<li>PC1 > ping 192.168.10.10 → Fails</li>
<div class="img-center">
<img src="images/8.Port-Access-Issue/4.png" alt="images/8.Port-Access-Issue/4.png" class="screenshot"/>
</div>
</ul>
</li>
<li>Verify PC configurations:
<ul>
<li>IP address and subnet mask are correct and matching</li>
<li>Only VLAN mismatch remains as a possible cause</li>
</ul>
</li>
</ol>
<h3>8.4 Resolution Steps</h3>
<ul>
<li>Reassign PC1’s port (Fa0/2) to VLAN 10:
<pre>
Switch# configure terminal
Switch(config)# interface fa0/2
Switch(config-if)# switchport access vlan 10
Switch(config-if)# end
</pre>
</li>
<li>Save the configuration:
<pre>Switch# write memory</pre>
</li>
<li>Verify changes:
<pre>Switch# show vlan brief</pre>
</li>
<div class="img-center">
<img src="images/8.Port-Access-Issue/5.png" alt="images/8.Port-Access-Issue/5.png" class="screenshot"/>
</div>
</ul>
<h3>8.5 Validation</h3>
<ul>
<li>Ping between PCs again:
<pre>PC0 > ping 192.168.10.11</pre>
<div class="img-center">
<img src="images/8.Port-Access-Issue/6.png" alt="images/8.Port-Access-Issue/6.png" class="screenshot"/>
</div>
<pre>PC1 > ping 192.168.10.10</pre>
<div class="img-center">
<img src="images/8.Port-Access-Issue/7.png" alt="images/8.Port-Access-Issue/7.png" class="screenshot"/>
</div>
</li>
<li>Pings should now succeed, confirming VLAN access correction</li>
</ul>
<h3>8.6 Conclusion</h3>
<ul>
<li>Incorrect VLAN assignments can isolate devices on the same physical switch</li>
<li>Even with correct IP configurations, VLAN mismatches prevent communication</li>
<li>Always verify port-to-VLAN mappings when diagnosing L2 connectivity issues</li>
</ul>
<p><strong><a href="packets/8-port-access-issue-L2.pkt" download>Download: Port Access Issue .pkt</a></strong></p>
<p><strong><a href="packets/8-port-access-solved-L2.pkt" download>Download: Port Access Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 9 -->
<section id="section9">
<h2>9. Duplex Mismatch Issue - CISCO L1-L2(Physical-Data Layer)</h2>
<h3>9.1 Network Topology Overview</h3>
<ul>
<li>Two PCs (192.168.1.10 <strong>(PC0)</strong> and 192.168.1.11 <strong>(PC1)</strong>) connected to Switch0</li>
<li>PC0 is connected to Fa0/0 and set to <strong>full-duplex</strong></li>
<li>Switch port Fa0/0 is manually configured as <strong>half-duplex</strong></li>
<li>PC1 and its corresponding port (Fa0/1) are both set to auto</li>
</ul>
<div class="img-center">
<img src="images/9.Duplex-Mismatch-Issue/1.png" alt="Initial Topology" class="screenshot"/>
</div>
<h3>9.2 Issue Description</h3>
<ul>
<li>Duplex mismatch between PC0 and Switch port causes:</li>
<li>Frame collisions, increased CRC errors, retransmissions</li>
<li>Ping commands from PC0 to PC1 intermittently fail or time out</li>
<li>Performance degradation despite IP configurations being correct</li>
</ul>
<h3>9.3 Diagnosis Steps</h3>
<ul>
<li>Observe ping behavior: high latency and packet loss</li>
<li>Check switch interface for errors:
<pre>Switch# show interfaces fa0/0</pre>
</li>
<div class="img-center">
<img src="images/9.Duplex-Mismatch-Issue/2.png" alt="Interface Statistics with Errors" class="screenshot"/>
</div>
<li>Look for high collision and CRC count</li>
</ul>
<h3>9.4 Resolution</h3>
<ul>
<li>Ensure both ends use matching duplex settings</li>
<li>Use <code>duplex auto</code> for automatic negotiation:
<pre>
Switch> enable
Switch# configure terminal
Switch(config)# interface fa0/0
Switch(config-if)# duplex auto
</pre>
</li>
<div class="img-center">
<img src="images/9.Duplex-Mismatch-Issue/3.png" alt="Duplex Auto Configured" class="screenshot"/>
</div>
<li>Or set both sides to <code>duplex full</code> manually</li>
</ul>
<h3>9.5 Validation</h3>
<ul>
<li>Verify duplex consistency:
<pre>Switch# show interfaces fa0/1 | include Duplex</pre>
</li>
<li>Ping from PC0 to PC1:
<pre>PC0 > ping 192.168.1.11</pre>
<div class="img-center">
<img src="images/9.Duplex-Mismatch-Issue/4.png" alt="Successful Ping" class="screenshot"/>
</div>
</li>
<li>Ping should succeed with 0% packet loss and normal latency</li>
</li>
</ul>
<h3>9.6 Conclusion</h3>
<ul>
<li>Duplex mismatch is a Layer 1/2 issue that causes degraded performance and intermittent connectivity</li>
<li>Always ensure matching duplex settings on both ends of a link</li>
<li>Use auto-negotiation where possible, or manually configure both sides identically</li>
<li>Switch interface diagnostics help identify such physical layer problems</li>
</ul>
<p><strong><a href="packets/9-duplex-mismatch-issue_L1_L2.pkt" download>Download: Duplex Mismatch Issue .pkt</a></strong></p>
<p><strong><a href="packets/9-duplex-mismatch-solved_L1_L2.pkt" download>Download: Duplex Mismatch Solved .pkt</a></strong></p>
</section><br>
<!-- SECTION 10 -->
<section id="section10">
<h2>10. Default Gateway Misconfiguration Issue – CISCO L3 (Network Layer)</h2>
<h3>10.1 Network Topology Overview</h3>
<ul>
<li>PC0 is connected to Switch0 with IP address <strong>192.168.1.10/24</strong></li>
<li>Router0 is connected to Switch0 on interface <strong>GigabitEthernet0/0 – 192.168.1.1</strong></li>