NETW204 Class Project This project includes three phases

NETW204 Class Project This project includes three phases

soffix

  • $17.99


NETW204 Class Project This project includes three phases. You need to complete Phase I before moving on to Phase II.

NETW204 Class Project

This project includes three phases. You need to complete Phase I before moving on to Phase II. Likewise, you need to complete Phase II before moving on to Phase III or the final phase in the project.

Hi-tech Net Corp. is operating in three locations in the United States. Their main office is located in New York, NY. They have two branch offices located in Chicago, IL and Sacramento, CA.

You have just been hired as Hi-tech Net Corp.’s consulting engineer to implement their network infrastructure. Both branch offices will be directly connected to the main office in NY via a leased line circuit (point-to-point serial connection).

New York’s Office IP Information

The main office has four LAN segments: Executive, Engineering, Services, and Native&Management. Each LAN segment is identified by a VLAN number as seen below. For example:

• Executive: VLAN 15
• Engineering: VLAN 25
• Services: VLAN 35
• Native&Management: VLAN 99

The organization is using the following network address in NY: 10.150.0.0/16.

• Executive: 60 computers only including future growth in this number
• Engineering: 80 computers only including future growth in this number
• Services: 115 computers including future growth in this number
• Native&Management: 12 computers including future growth in this number

*** Future growth means that we already take growth into consideration. Do not try to estimate or add more IP addresses than necessary to avoid getting an incorrect subnet.

Illinois’ Office IP Information
The IL branch has three LAN subnets with 45 IP addresses on each subnet. They use the following network address to obtain the required IL subnets: 10.150.100.0 /24.

California’s Office IP Information
The CA branch has three LAN subnets with 25 IP addresses on each subnet. They use the following network address to obtain the required CA subnets: 10.150.200.0 /25.

 

PHASE I (20 points total)—Due Week 3

Tasks to Do.

Task 1: Subnet the 10.150.0.0/16 network for NY and assign the first subnets to Services followed by Engineering. You may need to re-subnet for Executive and Native&Management subnets to avoid wasting IP addresses. Ensure that you re-subnet only the first unused subnet and nothing else. Assign the subnets to Executive and Native&Management. (5 points)

New York Office IP

IP Address Range

New Subnet Mask

New Network Address

VLAN 15-Executive

 

 

 

VLAN 25-Engineering

 

 

 

VLAN 35-Services

 

 

 

VLAN 99-Native&Management

 

 

 

Task 2: Subnet the 10.150.100.0 /25 network for IL and assign the last IP address on the three subnets to the Loopback 1, Loopback 2, and Loopback 3 interfaces of the router. We will use a loopback or virtual interface to simulate the LAN subnets. This will speed up configuration and allows us to create our topology without rewiring. (3 points)

Illinois Branch IP

IP Address Range

New Subnet Mask

New Network Address

Loopback 1

 

 

 

Loopback 2

 

 

 

Loopback 3

 

 

 

Task 3: Subnet the 10.150.200.0 /25 network for CA and assign the last IP address on the three subnets to the Loopback 1, Loopback 2, and Loopback 3 interfaces of the router. We will use a loopback or virtual interface to simulate the LAN subnets. This will speed up configuration and allows us to create our topology without rewiring. (3 points)

California Branch IP

IP Address Range

New Subnet Mask

New Network Address

Loopback 1

 

 

 

Loopback 2

 

 

 

Loopback 3

 

 

 

Task 4: Use the following network address (10.1.255.0/25) to find the WAN subnets between NY and IL and NY and CA respectively. Note that there should only be two IP addresses per subnet for each WAN link. Assign the first WAN subnet to NY to IL and the second WAN subnet to NY to CA. (2 points)

WAN Subnets

IP Address Range

New Subnet Mask

New Network Address

NY to IL

 

 

 

NY to CA

 

 

 

Task 5: Use Microsoft Visio to design the current network topology. Remember to use Loopback interfaces for the subnets in NY, IL, and CA. Use point-to-point interfaces to connect the remote branch offices to NY. See the sample network diagram below. Replace the phrase “IP Address” by the correct IP address for each interface on the routers. Include the WAN IP addresses on the diagram as well. (7 points)

First Major Deliverable in the Project: IP scheme for all three locations (fill in the IP tables above) and the Visio Diagram.

 

PHASE II (30 points total)—Due Week 5

Now that you have completed your first major deliverable in the project, let us move on to the next phase in the project. You need to plan to implement the network. You will configure the switches first.

You should write all required configuration commands with their Command prompt mode in the table, middle column, under the “Required Information” instructions.

An example:

Configuration Task

Required Information

Points

Router name

RTR1

Router(config)# hostname RTR1

¼

Task 1: Configure SW1. (3.5 points possible)

Configuration Task

Required Information

Points

Switch name

SW1

¼

Secret Password

Netw204

¼

Disable DNS lookup

 

¼

Username and Password

User= Admin1,

¼

Message of the Day (MOTD) Banner

Unauthorized Access is Highly Prohibited!

¼

VTY

Enable SSH and Disable Telnet.

½

Encrypt the clear text passwords

Use the correct command to encrypt clear text passwords.

¼

Create the required VLANs.

Use the information provided to create the VLANs.

¼

Assign the management IP address.

Assign the IP Address just before the last valid IP Address on the Native&Management VLAN. VLAN 99 is the Native VLAN.

¼

Enable the 802.1Q Trunk ports.

Use the correct switchport command to set the Trunk port.

¼

Configure all other ports as access ports.

Use the interface range command.

¼

Assign F0/3 to the correct VLAN as per the diagram.

See the network diagram you drew for part 1.

¼

Shutdown all unused ports.

Disable all unused ports in software.

¼

Task 2: Configure SW2. (3.5 points possible)

Configuration Task

Required Information

Points

Switch name

SW2

¼

Secret Password

Netw204

¼

Disable DNS lookup

 

¼

Username and Password

User= Admin1,

¼

Message of the Day (MOTD) Banner

Unauthorized Access is Highly Prohibited!

¼

VTY

Enable SSH and Disable Telnet.

½

Encrypt the clear text passwords

Use the correct command to encrypt clear text passwords.

¼

Create the required VLANs.

Use the information provided to create the VLANs.

¼

Assign the management IP address.

Assign the IP Address just before the last valid IP Address on the Native&Management VLAN. VLAN 99 is the Native VLAN.

¼

Enable the 802.1Q Trunk ports.

Use the correct switchport command to set the Trunk port.

¼

Configure all other ports as access ports.

Use the interface range command.

¼

Assign F0/3 to the correct VLAN as per the diagram.

See the network diagram you drew for part 1.

¼

Shutdown all unused ports.

Disable all unused ports in software.

¼

Task 3: Configure the NY Router. (6 points)

Configuration Item or Task

Required Information

Points

Configure 802.1Q subinterface .15 on G0/1

Description Executive LAN

Assign VLAN 15.

Assign the last valid IP address to this interface.

½

Configure 802.1Q subinterface .25 on G0/1

Description Engineering LAN

Assign VLAN 25.

Assign the last valid IP address to this interface.

½

Configure 802.1Q subinterface .35 on G0/1

Description Services LAN

Assign VLAN 35.

Assign the first available address to this interface.

½

Configure 802.1Q subinterface .99 on G0/1

Description Native&Management LAN

Assign VLAN 99.

Assign the last valid IP address to this interface.

½

Activate Interface G0/1

Bring up interfaces

½

OSPF Process ID

204

½

Router ID

1.1.1.1

½

Advertise directly connected networks.

Use classless network addresses

Assign all directly connected networks to Area 0

½

Set all LAN interfaces as passive.

Type necessary commands to do so.

½

Change the default cost reference bandwidth to support Gigabit interface calculations.

1000

½

Set the serial interface bandwidth.

768 Kb/s

½

Adjust the metric cost of S0/0/0.

Cost: 7500

½

Task 4: Configure the IL Router. (4 points)

Configuration Task

Required Information

Points

Assign IP addresses to appropriate interfaces including Loopback and serial interfaces.

 

½

Activate the nonLoopback interfaces.

 

½

OSPF Process ID

204

½

Router ID

2.2.2.2

½

Advertise directly connected networks.

Use classless network addresses.

Assign interfaces to Area 0.

Use a single summary address for the LAN (loopback) interfaces.

½

Set all LAN (Loopback) interfaces as passive.

 

½

Change the default cost reference bandwidth to support Gigabit interface calculations.

1000

½

Set the serial interface bandwidth.

256 Kb/s

½

 

Note: You will probably notice that all the Loopback IP addresses show up as /32. To change that /32 to the real subnet mask of the Loopback interfaces you need to type the following command on each Loopback interface in the routers.

Interface Loopback 1

ip ospf network point-to-point

Task 5: Configure the CA Router. (4 points)

Configuration Task

Required Information

Points

Assign IP addresses to appropriate interfaces including Loopback and serial interfaces.

 

½

Activate the nonLoopback interfaces.

 

½

OSPF Process ID

204

½

Router ID

3.3.3.3

½

Advertise directly connected networks.

Use classless network addresses.

Assign interfaces to Area 0.

Use a single summary address for the LAN (loopback) interfaces.

½

Set all LAN (Loopback) interfaces as passive.

 

½

Change the default cost reference bandwidth to support Gigabit interface calculations.

1000

½

Set the serial interface bandwidth.

256 Kb/s

½

 

Task 6: Verify OSPF Configuration (6 points)

Question

Points

Type the command that displays all connected OSPFv2 routers. Capture the output for your project and explains what you see.

1

Type the command that displays the OSPF process ID, router ID, routing networks, address summarization, and passive interfaces configured on a router. Capture the output for your project and explain what you see.

1

What command displays only OSPF routes?

1

What command displays detail information about the OSPF interfaces, including the authentication method?

1

What command displays the OSPF link states types?

1

What command displays the OSPF database?

1

Task 7: Summarize the output of the commands used in Task 6. How can you tell that the network is working correctly? (3 points)

 

PHASE III (70 Points Total)—Due Week 7

Task 1: Configure the NY router as a DHCPv4 server for the executive and engineering VLAN. (4 points)

Configuration Task

Required Information

Points

Reserve the first 10 IP addresses in VLAN 15 for static configurations.

 

1

Reserve the first 10 IP addresses in VLAN 25 for static configurations.

 

1

Create a DHCP pool for VLAN 15.

Name: EXECUTIVE

DNS-Server: 192.168.1.45

Domain-Name: hitech.net

Set the default gateway.

1

Create a DHCP pool for VLAN 25.

Name: ENGINEERING

DNS-Server: 192.168.1.45

Domain-Name: engineering.com

Set the default gateway.

1

 

Task 2: Restrict Access to the VTY Lines to only come from Native&Management VLAN. (15 points)

Configuration Task

Required Information

Points

Configure a named access list to only allow Native&Management VLAN to SSH to the routers.

ACL Name: NETMGMT

5

Apply the named ACL to the VTY lines.

 

5

Verify ACL is working as expected.

 

5

 

Task 3: Configure static and dynamic NAT on NY. (25 points)

Configuration Item or Task

Required Information

Points

Create a local database with one user account.

Use the command username webadmin privilege 15 secret cisco123

Username: webadmin

Password: cisco123

Privilege level: 15

5

Enable HTTP server service.

ip http ?

2

Configure the HTTP server to use the local database for authentication.

ip http authentication ?

2

Create a static NAT to the web server.

Inside Global Address: 209.107.23.66 -->

2

Configure NY’s Loopback 0 interface with the following IP address. This is a simulated internal web server.

192.168.1.200/32

1

Assign the inside and outside interface for the static NAT.

192.168.1.200  ß à209.107.23.66 /26

1

Configure the dynamic NAT inside private ACL.

Access List: 10

Allow the executive and engineering networks on NY to be translated.

Allow a summary of the LANs (loopback) networks on IL and CA to be translated.

Do not allow the Services and Native&Management VLANs to be translated.

5

Define the pool of usable public IP addresses.

Pool Name: THE_NET

Pool of addresses include:

209.107.23.68 – 209.107.23.75

5

Define the dynamic NAT translation.

 

2

Task 4: Secure the network services. (16 points)

Configuration Task

Required Information

Points

Configure an extended ACL to

allow Internet hosts WWW access to the simulated web server on NY by accessing the static NAT address (209.107.23.66 /26) that you configured in Task 3;

allow Internet hosts DNS access to the simulated web server on NY by accessing the static NAT address (209.107.23.66 /26) that you configured in Task 3; and

prevent traffic from the Internet from pinging internal networks, while continuing to allow LAN interfaces to ping the Internet hosts.

ACL No.: 105

10

Apply ACL to the appropriate interface(s).

 

6

Task 5: Verify that your project meets the above requirements. Write a summary of what you did and explain what you have learned in the process. (10 points)


We Also Recommend


Sale

Unavailable

Sold Out