Lesson 2: Configuring IPv6 CHAPTER 6 343 note IPSec6 The IPSec6 tool is not implemented in Windows 7. You might be unable to reach a local or remote destination because of incorrect or missing routes in the local IPv6 routing table. You can use the Route print, Netstat –r, or Netsh interface ipv6 show route command to view the local IPv6 routing table and verify that you have a route corresponding to your local subnet and to your default gateway. Note that the Netstat –r and Route print commands display both IPv4 and IPv6 routing tables. Practice Configuring IPv6 Connectivity In this practice, you configure a static site-local IPv6 configuration on the Canberra computer running Windows 7. You then configure a static site-local IPv6 configuration on the Aberdeen computer running Windows 7 and test IPv6 connectivity. exercise 1 Configuring IPv6 on the Canberra Computer In this exercise, you configure IPv6 on the Canberra computer. 1. Log on to the Canberra computer with the Kim_Akers account. 2. To permit ICMPv6 traffic to pass through the Canberra firewall, open an elevated command prompt and enter netsh advfirewall firewall add rule name=”ICMPv6” protocol=icmpv6:any,any dir=in action=allow. 3. Open Network And Sharing Center and click Change Adapter Settings. 4. Right-click the network connection to your private network and choose Properties. 5. Select Internet Protocol Version 6 (TCP/IPv6) and click Properties. 6. Configure a static site-local IPv6 address, fec0:0:0:fffe::1. 7. Click the box beside Subnet Prefix Length. The value 64 is entered automatically. The Properties dialog box should look similar to Figure 6-27. FIGURE 6-27 IPv6 configuration on the Canberra computer 3 4 4 CHAPTER 6 Network Settings 8. Click OK. Close the Local Area Connections Properties dialog box. 9. Close Network And Sharing Center. 10. In the elevated command prompt, enter ping fec0:0:0:fffe::1. Your screen should look similar to Figure 6-28. FIGURE 6-28 Pinging a site-local IPv6 address exercise 2 Configuring the Aberdeen Computer and Testing IPv6 Connectivity In this exercise, you configure IPv6 site-local addresses on the Aberdeen computer and test connectivity. You need to have configured the IPv6 settings on the Canberra computer before you start this exercise. If Aberdeen is a virtual machine, the designation of the Ethernet adapter that connects to your private network may be something other than “local area connection.” If so, adjust the commands accordingly. 1. Log on to the Aberdeen computer with the Kim_Akers account. 2. To permit ICMPv6 traffic to pass through the Aberdeen firewall, open an elevated command prompt and enter netsh advfirewall firewall add rule name=”ICMPv6” protocol=icmpv6:any,any dir=in action=allow. 3. To configure static IPv6 configuration, enter netsh interface ipv6 set address “local area connection” fec0:0:0:fffe::a. 4. Enter ping fec0:0:0:fffe::a to test your IPv6 configuration. 5. If necessary, log on to the Canberra computer using the Kim_Akers account and open an elevated command prompt. 6. Enter ping fec0:0:0:fffe::a. You should get the response shown in Figure 6-29. Lesson 2: Configuring IPv6 CHAPTER 6 345 FIGURE 6-29 Pinging the Aberdeen computer from Canberra 7. Enter netsh interface ipv6 show neighbors. Figure 6-30 shows the fec0:0:0:fffe::a interface as a neighbor on the same subnet as the Canberra computer. FIGURE 6-30 Showing the Canberra computer neighbors Lesson Summary n IPv6 supports unicast, multicast, and anycast addresses. Unicast addresses can be global, site-local, link-local, or special. n IPv6 is fully supported in Windows 7 and addresses problems such as lack of address space that are associated with IPv4. n IPv6 is designed to be backward-compatible, and you can specify IPV4-compatible addresses such as Teredo and 6to4 addresses. n Tools to configure and troubleshoot IPv6 include Ping, Ipconfig, Tracert, Pathping, and Netsh. n You can configure IPv6 by using the TCP/IPv6 Properties GUI. You can also use Netsh interface ipv6 commands to configure IPv6 settings. 346 CHAPTER 6 Network Settings Lesson Review You can use the following questions to test your knowledge of the information in Lesson 2, “Configuring IPv6.” The questions are also available on the companion DVD if you prefer to review them in electronic form. note ANSWERS Answers to these questions and explanations of why each answer choice is correct or incorrect are located in the “Answers” section at the end of the book. 1. What type of unicast IPv6 address would you typically use on the subnets of a private network to implement IPv6 connectivity over the subnet? a. Site-local address B. Link-local address c. Special address D. Anycast address 2. You are analyzing the configuration of an IPv6 network. Which of the following addresses can be used across the IPv6 Internet and is the equivalent of an IPv4 unicast public address? a. fec0:0:0:0:fffe::1 B. 21cd:53::3ad:3f:af37:8d62 c. fe80:d1ff:d166:7888:2fd6 D. ::1 3. You are using Network Monitor to analyze traffic on an IPv6 network. You want to examine the protocol that uses ICMPv6 messages to manage the interaction of neighboring nodes and resolves IPv6 addresses to hardware (MAC) addresses. What protocol do you examine? a. ARP B. DNS c. DHCPv6 D. ND 4. You are examining transition technologies on a network and want to identify the IPv4-to-IPv6 compatibility addresses being used. Which of the following is a Teredo address? a. 2001::0a0a:1efe:e866:efff:f5ff:ebfe B. 2002:c058:6301:: c. fe80::5efe:0a00:028f D. fec0:0:0:0:fffe::1 Lesson 2: Configuring IPv6 CHAPTER 6 347 5. You are examining a DNS forward lookup zone to investigate problems with name resolution. What type of resource record enables DNS to resolve a host name to an IPv6 address? a. PTR B. A c. AAAA D. Host 3 4 8 CHAPTER 6 Network Settings Lesson 3: Network Configuration As an IT professional, you mainly are involved with setting up and administering production networks that contain domain controllers, file servers, DNS servers, DHCP servers, servers running Exchange Server, servers running Microsoft SQL Server, and so on. However, large organizations often have small networks set up for specific purposes (for example, test networks) and you might have to set up a workgroup that uses ICS or configure wireless connectivity. This lesson discusses how you set up and add devices to both a wired and a wireless network but it concentrates mainly on wireless networks. It shows how you configure security settings on a client, manage preferred wireless networks, configure wireless network adapters, and troubleshoot connectivity issues specific to wireless adapters. The chapter also covers security settings on a WAP and how you configure location-aware printing. After this lesson, you will be able to: n Connect workstations to a wired network. n Add a device to a wireless network. n Manage connections for both wired and wireless networks. n Manage preferred wireless networks. n Configure security settings on a third-party WAP. n Configure location-aware printing. Estimated lesson time: 50 minutes Connecting to a Network Lesson 1 described how you would go about setting up a small wired network where one computer connects directly to a cable or dial-up modem and obtains its IPv4 configuration from the modem, which in turn is configured by the ISP. Typically, that computer is configured to provide ICS, and other clients you connect to the network obtain their configurations automatically from the ICS computer. Figure 6-31 shows this configuration. To ISP and internet modem switch ICS computer FIGURE 6-31 A wired small network Lesson 3: Network Configuration CHAPTER 6 349 In a wireless small network, you typically connect your wireless WAP to your cable or dial- up modem. The other devices on your network, such as computers or printers, then connect to the WAP. In this case, the computers on the network all connect to the Internet through the WAP, which is configured by default to provide IP configuration. Figure 6-32 shows this configuration. If you are setting this up from scratch and your ISP is not providing a modem, you can purchase a combined modem and WAP. To ISP and internet modem wireless computers FIGURE 6-32 A wireless small network You can also implement a hybrid network. In this case, the WAP is typically connected to the modem as before, and computers in fixed locations are connected using wired connections to Ethernet ports on the WAP. Most WAPs have several Ethernet ports in addition to the wide area network (WAN) port that connects to the modem. You can wire the fixed computers directly to the ports on the WAP, or you can connect them by using an Ethernet switch and connect the switch to the WAP. Wireless-enabled devices connect directly to the WAP, and both wired and wireless devices are on the same network and obtain their IP configuration from the WAP, which provides DHCP and internal DNS services. Figure 6-33 shows this configuration. To ISP and internet modem WAP wireless computers wired computer(s) FIGURE 6-33 A hybrid small network The WAP forwards any packets that need to go to the Internet (for example, browser requests) through the modem to your ISP, which provides DNS resolution across the Internet. Typically, you configure a WAP by accessing a Web page interface. Refer to the manufacturer’s documentation for details. More Info EXTERNAL RESOLUTION It is unlikely that the 70-680 examination will test your knowledge of how DNS works over the Internet. However, if you want to learn more out of professional interest, see http://technet.microsoft.com/en-us/library/cc775637.aspx. 3 5 0 CHAPTER 6 Network Settings If you have two or more wireless computers in close proximity (no more than 30 feet apart), you can set up an ad hoc network that lets you access shared resources on the computers on the network (provided the sharing permissions permit access). An ad hoc network requires no central WAP and does not need IPv4 configuration because it uses IPv6. Ad hoc networks are discussed in more detail later in this lesson, and you set up an ad hoc network in a practice exercise. Setting Up a Network Connection The first computer you install on a wired SOHO or test network will likely be connected to a modem through a universal serial bus (USB) or Ethernet connection. It will also have an Ethernet connection to enable computers and other devices to connect to it through a switch. Your ISP will give you instructions about how to establish an Internet connection and will provide a user name and password. To connect to the Internet, you open Network And Sharing Center, click Set Up New A Connection Or Network, select Connect To The Internet, and click Next. You then select the method you are using to connect, such as broadband point-to-point protocol over Ethernet (PPPOe), and enter the name and password that your ISP provided, as shown in Figure 6-34. If you select Allow Other People To Use This Connection and you are not logged in with an administrator account, you are prompted for credentials. FIGURE 6-34 Providing information from your ISP You can get details about the sharing and discovery settings, and change a setting if required, by clicking the Change Advanced Sharing Settings. The Advanced Sharing Settings dialog box is shown in Figure 6-35. You can specify the settings for a public profile or a private (home or work) profile by clicking the arrow to the right of the current profile. For each profile, you can configure the following: Lesson 3: Network Configuration CHAPTER 6 351 n Network discovery n File and printer sharing n Public folder sharing n Media streaming n File sharing connections (encryption strength) n Password protected sharing n Homegroup connections FIGURE 6-35 The Advanced Sharing Settings dialog box Typically, other computers on a small wired network connect to the Internet through the first computer that you configure on the network. To enable this to happen, you need to configure ICS on that computer. You configured an ICS computer and an ICS client in Exercise 2, “Configuring ICS on the Canberra Computer,” in Lesson 1. When you enable ICS, your LAN connection is configured with a new static IP address (192.168.0.1) and other settings (for example, subnet mask, default gateway, and DNS server address). The static address (192 168.0.1) is used as the default gateway for the subnet. If you connect other computers to your network before you enable ICS, you might need to change their TCP/IP settings, typically by rebooting. As a general rule, it is preferable to add other computers to your network after you have configured ICS. 3 5 2 CHAPTER 6 Network Settings To add a computer to a wired network on which ICS is configured, you connect it to the network and turn it on. In Network And Sharing Center, you click Internet Options and, on the Connections tab, you click LAN Settings and clear the Automatically Detect Settings check box. Provided that the computer’s network adapter is set to receive its configuration automatically, and the computer’s name is not the same as that of another computer already on the network, the computer joins the network and receives its configuration through ICS. If you have changed the default workgroup name (WORKGROUP) on your network, you also need to change this setting on any computer you add. Adding a computer through a wired connection to a hybrid network is even more straightforward than adding it to a fully wired network. You simply plug it in and turn it on. By default, it should be configured to obtain its IP settings automatically. In this case, however, it obtains them from the WAP. Adding a Wireless Computer to a Network If you have a wireless-enabled computer, you can click the network icon on your toolbar at the bottom right section of your screen. This displays all wireless networks within range, and you can double-click the network to which you want to connect. Alternatively, you can open Network And Sharing Center and click Connect To A Network. To view and change your connection status, you can click Connect or Disconnect beside View Your Active Networks in Network And Sharing Center. This again presents you with a list of the wireless networks within range. You can also connect a computer to a wireless network through the command line. The following command shows the available wireless interfaces: netsh wlan show interfaces The output from this command for a computer with only one interface available is shown in Figure 6-36. FIGURE 6-36 Wireless interface on the Canberra computer . static site-local IPv6 configuration on the Canberra computer running Windows 7. You then configure a static site-local IPv6 configuration on the Aberdeen computer running Windows 7 and test IPv6. fec0:0:0:fffe::1. 7. Click the box beside Subnet Prefix Length. The value 64 is entered automatically. The Properties dialog box should look similar to Figure 6- 27. FIGURE 6- 27 IPv6 configuration. similar to Figure 6-2 8. FIGURE 6-2 8 Pinging a site-local IPv6 address exercise 2 Configuring the Aberdeen Computer and Testing IPv6 Connectivity In this exercise, you configure IPv6 site-local addresses