Scribd Logo
Hochladen

Willkommen bei Scribd!

  • FN

    Hochgeladen von

    http://heiserz.com/
    35 Ansichten3 Seiten
    Each site has a local WEB server, local DNS server and own line which connects to the Internet. You have to configure as requirements to finish this part-exam.

    Originalbeschreibung:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Each site has a local WEB server, local DNS server and own line which connects to the Internet. You have to configure as requirements to finish this part-exam.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    35 Ansichten3 Seiten

    FN

    Hochgeladen von

    http://heiserz.com/
    Each site has a local WEB server, local DNS server and own line which connects to the Internet. You have to configure as requirements to finish this part-exam.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 3

    PART2 CONFIGURATION (Exam) 50 Points

    The Topology

    Scenario
    Your organization has three sites as the figure. Each site has a local WEB server, local DNS server
    and own line which connects to the Internet . The DNS server must be accessed locally. You have to
    configure as requirements to finish this part-exam.

    The Parameters
    Table 1
    Device/ Interface
    S0
    S1
    S2
    S3

    FR1
    DLCI 102 (HANOI-TpHCM)
    DLCI 103 (HANOI-DANANG)
    DLCI 123 (FR1-FR3)
    DLCI 456 (FR1-FR2)

    FR2
    DLCI 201 (DANANG-HANOI)
    DLCI 203 (DANANG-TpHCM)
    DLCI 456 (FR2-FR1)
    DLCI 789 (FR2-FR3)

    FR3
    DLCI 301 (TpHCM-HANOI)
    DLCI 302 (TpHCM-DANANG)
    DLCI 123 (FR3-FR1)
    DLCI 789 (FR3-FR2)

    Table 2
    Device
    HANOI
    DANANG

    TpHCM

    GATE-FW

    Interface/Vlan
    S0/0/0
    Fa0/0
    S0/0/0
    Fa0/0
    S0/0/0
    Fa0/0.10 (vlan10: Sale )
    Fa0/0.20 (vlan20: Admin )
    Fa0/0.30 (vlan30: Server )
    S0/0/1
    Fa0/1

    IP address
    192.168.1.1
    172.16.30.1
    192.168.1.2
    172.18.1.2
    192.168.1.3
    172.17.10.3
    172.17.20.3
    172.17.30.3
    200.200.200.2
    10.10.10.2

    Network/Prefix
    192.168.1.0/29
    172.16.30.0/24
    192.168.1.0/29
    172.18.1.0/24
    192.168.1.0/29
    172.17.10.0/24
    172.17.20.0/24
    172.17.30.0/24
    200.200.200.0/29
    10.10.10.0/24

    Default Gateway
    N/A
    N/A
    N/A
    N/A
    N/A
    N/A
    N/A
    N/A
    N/A
    N/A

    Linksys
    Internet
    WEB1
    (www.sc2009.com)
    DNS1
    WEB2
    (www.hanoi.org)
    DNS2
    WEB3
    (www.tphcm.org)
    DNS3
    WEB4
    (www.danang.org)
    DNS4
    DHCP
    PC1
    PC2
    PC3
    PC4
    PC5
    PC6

    Fa0/0.10 (vlan10: Tech)


    Fa0/0.20 (vlan20: Staff)
    Fa0/0.30 (vlan30: WAN )
    Fa0/0.40 (vlan40: DHCP )

    172.16.10.2
    172.16.20.2
    172.16.30.2
    172.16.40.2

    172.16.10.0/24
    172.16.20.0/24
    172.16.30.0/24
    172.16.40.0/24

    N/A
    N/A
    N/A
    N/A

    Internet
    LAN
    S0/0/0
    Fa0/0

    172.18.1.254
    192.168.0.1
    200.200.200.1
    200.200.200.249

    172.18.1.0/24
    192.168.0.0/24
    200.200.200.0/29
    200.200.200.248/29

    172.18.1.2
    N/A
    N/A

    NIC

    200.200.200.254

    200.200.200.248/29

    200.200.200.249

    NIC

    200.200.200.253

    200.200.200.248/29

    200.200.200.249

    NIC

    10.10.10.254

    10.10.10.0/24

    10.10.10.2

    NIC

    10.10.10.253

    10.10.10.0/24

    10.10.10.2

    NIC

    172.17.30.254

    172.17.30.0/24

    172.17.30.3

    NIC

    172.17.30.253

    172.17.30.0/24

    172.17.30.3

    NIC

    192.168.0.254

    192.168.0.0/24

    192.168.0.1

    NIC
    NIC
    NIC
    NIC
    NIC
    NIC
    Wireless NIC
    NIC

    192.168.0.253
    172.16.40.254
    Dynamic
    Dynamic
    Dynamic
    Dynamic
    Dynamic
    Dynamic

    192.168.0.0/24
    172.16.40.0/24
    172.16.10.0/24
    172.16.20.0/24
    172.17.10.0/24
    172.17.20.0/24
    192.168.0.0/24
    200.200.200.248/29

    192.168.0.1
    172.16.40.2
    172.16.10.2
    172.16.20.2
    172.17.10.3
    172.17.20.3
    192.168.0.1
    200.200.200.249

    Table 3
    Device

    Core-SW1
    SW2
    SW3

    Core-SW4
    SW5
    SW6

    VTP
    Version2
    Domain: HANOI
    Password: hanoi12345
    Core-SW1: server
    SW2,SW3: client
    Native Vlan 1 for all the
    Trunk links
    Version2
    Domain: TpHCM
    Password: tphcm12345
    Core-SW4: server
    SW5,SW6: client
    Native Vlan 1 for all the
    Trunk links

    VLANs

    PVST

    Vlan10: Tech
    Vlan20: Staff
    Vlan30: WAN
    Vlan40: DHCP

    Core-SW1: root bridge for vlan30,40


    SW2: root bridge for vlan10
    SW3: root bridge for vlan20

    Vlan10: Sale
    Vlan20: Admin
    Vlan30: Server

    Core-SW4: root bridge for vlan30


    SW5: root bridge for vlan10
    SW6: root bridge for vlan20

    Table 4
    Device

    Linksys WRT300N

    Setup
    SSID: DANANG
    Channel:6
    Security Mode: WPA2 personal
    Encryption: AES
    Passphrase:1234567890
    Local IP address: 192.168.0.0/24
    DNS: 192.168.0.253
    Enable DMZ

    Table 5
    Items
    Console
    Enable Secret
    SSH
    PAP

    Username

    student
    sc2009

    Password
    student
    skills
    skills
    sc2009

    1. Task1: Basic Configurations


    1) Assign the appropriate IP addresses to the device interfaces following as the given in
    Table 2.
    2) Configure the Frame-Relay connections, using the correct DLCIs in the Table 1.
    3) Configure VTP, PVST+, VLANs properly as the given Table 3.
    4) Enable EIGRP AS 33 on router HANOI, DANANG and TpHCM.
    5) On HANOI router, configure some static routes to other networks in HANOI domain and
    propagate that (using redistribution) to router DANANG and TpHCM.
    6) On router GATE-FW:
    - Do not configure any the dynamic routing protocol.
    - Configure the static default route via Internet for HANOI domain only.
    - Configure others static route in case of need.
    7) Enable PAP authentication one-way on the serial link between router INTERNET (as
    the PAP server) and router GATE-FW (as the PAP client).
    8) Active the suitable services on the all servers. The local server DNS2, DNS3, DNS4
    serves only for the domain the server located. Server DNS1 serves for Internet users
    only.
    9) Configure router INTERNET as a DHCP server for the network 200.200.200.248/29.
    10) Configure router TpHCM as a DHCP server for the networks 172.17.10.0/24,
    172.17.20.0/24.
    11) Setup the Linksys WRT300N correctly, using the Table 4.
    12) The PC client obtains an IP address and DNS server address automatically.
    2. Task2: Advanced Configurations
    1) Configure NAT/PAT properly on GATE-FW. So, inside users at HANOI domain only can
    access the Internet.
    2) Internet users can access the WEB2 (www.hanoi.org) by the public IP address
    200.200.200.3/29
    3) Inside users can access the all servers WEB2 (www.hanoi.org), WEB3
    (www.tphcm.org), WEB4 (www.danang.org).
    4) On router TpHCM and router DANANG, configure a correct ACL that dont allow the
    ICMP request from accessing the HANOI domain, and deny any DNS request.
    5) Open the SSH service on the router HANOI, DANANG and TpHCM for PC1-Tech, PC4Admin and PC5-Wireless only.

    Das könnte Ihnen auch gefallen