Troubleshooting ACLs with Wireshark

The goal of this course is to provide you with a foundation in Wireshark and how to implement it in real-world troubleshooting situations.
Course info
Rating: (86)
Level: Intermediate
Updated: Jun 19, 2013
Duration: 3h 26m
Table of contents
Introduction to Troubleshooting ACLs with Wireshark
The OSI Model
Wireshark Basics
Access Control List (ACL) Basics
Troubleshooting TFTP and DNS Through an ACL
Troubleshooting TCP Through an ACL
Description

The goal of this course is to provide you with a foundation in Wireshark and how to implement it in real-world troubleshooting situations. This course demonstrates how to troubleshoot DNS, TFTP, and TCP on a typical network. Troubleshooting ACLs with Wireshark is designed for someone new to the Cisco CCNA material or the server administrator who does occasional troubleshooting.

About the author

For nearly 20 years, Ross has taught and managed data networks.

Section Introduction Transcripts

The OSI Model
Welcome to TrainSignal. I'm Ross Bagurdes, and in this video I'll be discussing the OSI model. Now, many of you may have used the OSI model in an academic setting before, and my intent with this particular video is to break down the OSI model in a very practical sense so that we can later use it to troubleshoot access control lists and other network issues using Wireshark. When we talk about data networking, we really live in the sea of network protocols, and these are things like IP and HTTP and FTP and POP3 and SSH and UDP and TCP, and even cabling has specifications that we oftentimes talk about in data networking, like CAT-6 or CAT-5 and T1 connections and fiber optic links and things like this. Now, these protocols each have a very precise purpose and interact with other protocols in a very specific way, and we often use the terminology somewhat loosely, or we use it in a way that we really don't understand how they interact with other protocols, and this is where we really need some kind of model to organize all these protocols into some system. If you're a science nerd, this is kind of what we did with the periodic table of elements, as we categorized everything into a specific spot on the table, which shows its relationship and characteristics to other elements on the periodic table. In this same way, we're going to do this with network protocols.

Wireshark Basics
Welcome to TrainSignal. I'm Ross Bagurdes and in this video we'll be discussing Wireshark basics and what I'd like to do is give you a brief overview of Wireshark, show you how to install it, select the proper interface to capture on, and then do some basic Wireshark captures of a ping, of a 3-way handshake, and of a website. Now the segment, the packet and the frame. These three datagram types are going to be exactly what we see in Wireshark and it's going to be what we use to troubleshoot in Wireshark. At the transport layer we have the segment and in the segment we have application layer data and then a header containing the source port, destination port, and then other info about whether this is TCP or UDP and the specifics about that protocol. At the network layer we have our packet and in the packet we put our segment from the transport layer as the data and then we have a network layer header which contains the source IP address, destination IP address, as well as some other info that helps IP work. Last, we take our packet at the network layer and we make that the data of the data link layer and here we're going to have a destination MAC address, a source MAC address, and other info about that data link layer protocol. Now again, this frame is going to look like an Ethernet frame. Most frames at the data link layer look similar but each protocol is going to use something a little bit different, so if you're not using Ethernet at the data link layer, your frame may look different.

Access Control List (ACL) Basics
Welcome to TrainSignal. I'm Ross Bagurdes, and in this video I'll be discussing access control list basics. Now, an access control list is used on a piece of network gear in order to select and typically filter traffic that goes through that particular device. When we do this with an access control list, we're really focusing on only two layers of the OSI model: the transport layer and the network layer. At the transport layer, we're going to be able to write an access control list that can filter based on TCP or UDP protocols, and then it can also filter based on the port number at the transport layer, either the source port number or the destination port number. At the network layer, we're going to use IP addressing, and we'll be able to use an access control list to filter with the IP protocol and a source and destination IP address.

Troubleshooting TFTP and DNS Through an ACL
Welcome to TrainSignal. I'm Ross Bagurdes, and in this video I will be discussing troubleshooting TFTP and DNS through an Access Control List. Now in a previous video in the Access Control List Basics video, I showed you how to set up an Access Control List for a DMZ for the Globomantics network, and when we left that lesson we had several issues that were not working through our Access Control List to get our DMZ working the way we wanted it to, so what we need to do now is we need to work with that Access Control List and troubleshoot our connection.