Assignment 1 ITC308 Draft Final Final
Transcript of Assignment 1 ITC308 Draft Final Final
![Page 1: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/1.jpg)
Network ImplementationIn network implementation we organized all devices, ip table, configuring VLAN, Subnet Mask, VPN, Access-list and NAT. In the WAN configuration we maintain secure communication among the branches. OSPF has been used as a routing protocol.
Addressing Table
Device Interface IP Address Subnet Mask Default Gateway Location
R0 S1/0 200.18.5.1/29 255.255.255.248 Head Office
S1/1 172.16.1.0 255.255.255.252 Head Office
F0/0 172.16.1.65 255.255.255.224 Head Office
R1 S1/0 172.16.1.2 255.255.255.252 Head Office
S1/1 172.16.1.5 255.255.255.252 Head Office
F0/0 192.168.1.1 255.255.255.0 Head Office
F0/1 172.16.1.33 255.255.255.224 Head Office
R2 S1/0 172.16.1.6 255.255.255.252 Head Office
F0/0 172.16.1.129 255.255.255.224 Head Office
R3 S1/0 200.18.5.2/29 255.255.255.248 Melbourne
F0/0 10.1.2.0/24 255.255.255.0 Melbourne
F0/1 10.1.1.0/29 255.255.255.248 Melbourne
R4 S1/0 200.18.5.3/29 255.255.255.248 Perth
F0/0 20.1.1.0/29 255.255.255.248 Perth
F0/1 20.1.2.0/24 255.255.255.0 Perth
Multi Layer Switch 1
F0/1 192.168.2.1 255.255.255.0 Head Office
F0/2 192.168.3.1 255.255.255.0 Head Office
F0/3 192.168.4.1 255.255.255.0 Head Office
![Page 2: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/2.jpg)
F0/4 192.168.5.1 255.255.255.0 Head Office
F0/5 192.168.6.1 255.255.255.0 Head Office
F0/6 NA NA Head Office
F0/7 192.168.7.1 255.255.255.0 Head Office
Multi Layer Switch 2
F0/1 NA Melbourne
F0/2 NA Melbourne
F0/3 NA Melbourne
F0/4 NA Melbourne
Multi Layer Switch 3
F0/1 NA Perth
F0/2 NA Perth
F0/3 NA Perth
F0/4 NA Perth
Wireless Router 1
Ethernet 1 192.168.7.2 255.255.255.0 Head office
Wireless Router 2
Ethernet 1 10.1.5.1 255.255.255.0 Melbourne
Wireless Router 3
Ethernet 1 20.1.5.1 255.255.255.0 Perth
Switch 0 F0/1 NA Head office
F0/2 NA Head office
F0/3 NA Head office
F0/4 NA Head office
F0/5 NA Head office
F0/6 NA Head office
F0/7 NA Head office
Switch 1 F0/1 NA Head office
![Page 3: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/3.jpg)
F0/2 NA Head office
Switch 2 F0/1 NA Head office
F0/2 NA Head office
Switch 3 F0/1 NA Head office
F0/2 NA Head office
Switch 4 F0/1 NA Head office
F0/2 NA Head office
Switch 5 F0/1 NA Head office
F0/2 NA Head office
Switch 6 F0/1 NA Head office
F0/2 NA Head office
F0/3 NA Head office
Switch 7 F0/1 NA
F0/2 NA
F0/3 NA
F0/4 NA
Switch 8 F0/1 NA
F0/2 NA
Switch 9 F0/1 NA
F0/2 NA
Switch 10 F0/1 NA
F0/2 NA
Switch 11 F0/1 NA
F0/2 NA
Switch 12 F0/1
![Page 4: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/4.jpg)
F0/2
DNS Server Fast Ethernet 172.16.1.35 255.255.255.224 Head office
DHCP Server Fast Ethernet 172.16.1.34 255.255.255.224 Head office
Active Directory
Fast Ethernet 172.16.1.36 255.255.255.224 Head office
Mail Server Fast Ethernet 172.16.1.37 255.255.255.224 Head office
Database Server
Fast Ethernet 172.16.1.38 255.255.255.224 Head office
Database Backup Server
Fast Ethernet 172.16.1.130 255.255.255.224 Head office
RAID Fast Ethernet 172.16.1.131 255.255.255.224 Head office
Authentication Server
Fast Ethernet 172.16.1.66 255.255.255.224 Head office
IIS Server Fast Ethernet 172.16.1.67 255.255.255.224 Head office
BO1 S1 Fast Ethernet Melbourne
BO1 S2 Fast Ethernet Melbourne
BO2 S1 Fast Ethernet Perth
BO2 S2 Fast Ethernet Perth
VLAN Structure
VLAN Structure of Sydney (Head Office)
VLAN 10 LAB One 192.168.2.0 /24 192.168.2.1 - 192.168.2.255
VLAN 20 LAB Two 192.168.3.0 /24 192.168.3.1 - 192.168.3.255
VLAN 30 Administration 192.168.4.0 /24 192.168.4.1 - 192.168.4.255
VLAN 40 Accounting 192.168.5.0 /24 192.168.5.1 - 192.168.5.255
VLAN 50 Teachers 192.168.6.0 /24 192.168.6.1 - 192.168.6.255
![Page 5: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/5.jpg)
VLAN 60 Wireless Router
192.168.7.0 /24 192.168.7.1 - 192.168.7.255
VLAN Structure of Melbourne (Branch Office 1)
VLAN 10 Administration 192.168.8.0 /24 192.168.8.1 - 192.168.8.255
VLAN 20 Teachers 192.168.9.0 /24 192.168.9.1 - 192.168.9.255
VLAN Structure of Perth (Branch Office 2)
VLAN 10 Administration 192.168.10.0 /24 192.168.10.1 - 192.168.10.255
VLAN 20 Teachers 192.168.11.0 /24 192.168.11.1 - 192.168.11.255
IP Plan & IP RangesHead Office
Network 172.16.1.0/20
IP Range 172.16.1.0 - 172.16.15.255
Default Gateway 172.16.1.1
Domain Name Sydney.domain.com
Server 172.16.1.32/27Server IP Range172.16.1.32 - 172.16.1.63
Router 172.16.1.0/30172.16.1.0 - 172.16.1.3
172.16.1.4/30172.16.1.4 - 172.16.1.7
IP Range of Melbourne (Branch Office 1)
![Page 6: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/6.jpg)
Network 10.1.1.0/24
Server IP Range 10.1.1.0/29
IP Range of Perth (Branch Office 2)
Network 20.1.2.0/24
Server IP Range 20.1.1.0/29
WAN Link or VPN IP Addressing
VPN Cloud 1 200.18.5.1/29200.18.5.0- 200.18.5.7
VPN Cloud 2 200.18.5.2/29200.18.5.0- 200.18.5.7
VPN Cloud 3 200.18.5.3/29200.18.5.0- 200.18.5.7
Configuration of Networking Devices
Multilayer Switch 1
Switch#sh runn
Building configuration...
Current configuration : 1749 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
![Page 7: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/7.jpg)
no service password-encryption
hostname Switch
!
ip routing
!
interface FastEthernet0/1
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 20
switchport trunk encapsulation dot1q
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 30
switchport trunk encapsulation dot1q
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 40
switchport trunk encapsulation dot1q
switchport mode access
!
![Page 8: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/8.jpg)
interface FastEthernet0/5
switchport access vlan 50
switchport trunk encapsulation dot1q
switchport mode access
!
interface FastEthernet0/6
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/7
switchport access vlan 60
switchport mode access
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
![Page 9: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/9.jpg)
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
![Page 10: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/10.jpg)
!
interface Vlan1
no ip address
shutdown
!
interface Vlan10
no ip address
!
interface Vlan20
no ip address
!
interface Vlan30
no ip address
!
interface Vlan40
no ip address
!
ip classless
!
line con 0
line vty 0 4
login
!
End
![Page 11: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/11.jpg)
VLAN configuration of Layer 3 switch
VTP Configuration of Layer 3 switch
![Page 12: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/12.jpg)
R1 Configuration
![Page 13: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/13.jpg)
Current configuration : 1197 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
ip name-server 0.0.0.0
![Page 14: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/14.jpg)
interface FastEthernet0/0
ip address 172.16.1.65 255.255.255.224
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial1/0
ip address 200.18.5.1 255.255.255.252
encapsulation frame-relay
ip nat outside
clock rate 64000
!
interface Serial1/1
ip address 172.16.1.1 255.255.255.252
ip nat inside
clock rate 64000
!
interface Serial1/2
no ip address
shutdown
![Page 15: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/15.jpg)
!
interface Serial1/3
no ip address
shutdown
!
interface Serial1/4
no ip address
shutdown
!
interface Serial1/5
no ip address
shutdown
!
interface Serial1/6
no ip address
shutdown
!
interface Serial1/7
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
![Page 16: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/16.jpg)
router ospf 1
log-adjacency-changes
network 172.16.1.0 0.0.0.3 area 0
network 172.16.1.64 0.0.0.31 area 0
network 200.18.5.0 0.0.0.3 area 0
!
ip nat inside source static 192.168.0.0 200.18.5.0
ip classless
no cdp run
line con 0
line vty 0 4
login
end
R0 Configuration
![Page 17: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/17.jpg)
Current configuration : 1197 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
ip name-server 0.0.0.0
interface FastEthernet0/0
![Page 18: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/18.jpg)
ip address 172.16.1.65 255.255.255.224
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial1/0
ip address 200.18.5.1 255.255.255.252
encapsulation frame-relay
ip nat outside
clock rate 64000
!
interface Serial1/1
ip address 172.16.1.1 255.255.255.252
ip nat inside
clock rate 64000
!
interface Serial1/2
no ip address
shutdown
!
![Page 19: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/19.jpg)
interface Serial1/3
no ip address
shutdown
!
interface Serial1/4
no ip address
shutdown
!
interface Serial1/5
no ip address
shutdown
!
interface Serial1/6
no ip address
shutdown
!
interface Serial1/7
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
![Page 20: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/20.jpg)
log-adjacency-changes
network 172.16.1.0 0.0.0.3 area 0
network 172.16.1.64 0.0.0.31 area 0
network 200.18.5.0 0.0.0.3 area 0
!
ip nat inside source static 192.168.0.0 200.18.5.0
ip classless
no cdp run
line con 0
line vty 0 4
login
End
Router 2 Configuration and Routing Protocol implementation
![Page 21: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/21.jpg)
Current configuration : 1030 bytes
!
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Router
!
![Page 22: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/22.jpg)
!
ip name-server 0.0.0.0
!
interface FastEthernet0/0
ip address 172.16.1.129 255.255.255.224
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 172.16.1.130 255.255.255.224
duplex auto
speed auto
shutdown
!
interface Serial1/0
ip address 172.16.1.6 255.255.255.252
!
interface Serial1/1
no ip address
shutdown
!
interface Serial1/2
no ip address
shutdown
!
![Page 23: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/23.jpg)
interface Serial1/3
no ip address
shutdown
!
interface Serial1/4
no ip address
shutdown
!
interface Serial1/5
no ip address
shutdown
!
interface Serial1/6
no ip address
shutdown
!
interface Serial1/7
no ip address
shutdown
!
interface Vlan1
no ip address
shutdown
!
router ospf 1
![Page 24: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/24.jpg)
log-adjacency-changes
network 172.16.1.128 0.0.0.31 area 0
network 172.16.1.4 0.0.0.3 area 0
!
ip classless
no cdp run
line con 0
line vty 0 4
login
End
Network Diagram
![Page 25: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/25.jpg)
Sydney Branch Diagram
Melbourne Branch
Perth Branch
![Page 26: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/26.jpg)
Computer configuration
Routing Protocol (OSPF) Configuration
![Page 27: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/27.jpg)
Router 0 Sydney Branch
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 200.18.1.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
172.16.1.0 0.0.0.3 area 0
172.16.1.64 0.0.0.31 area 0
200.18.5.0 0.0.0.3 area 0
200.18.5.0 0.0.0.7 area 0
200.18.0.0 0.0.255.255 area 0
Routing Information Sources:
Gateway Distance Last Update
172.16.1.2 110 00:05:16
Distance: (default is 110)
Routing table
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C 172.16.1.0/30 is directly connected, Serial1/1
O 172.16.1.4/30 [110/1562] via 172.16.1.2, 00:02:08, Serial1/1
O 172.16.1.32/27 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
C 172.16.1.64/27 is directly connected, FastEthernet0/0
![Page 28: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/28.jpg)
O 172.16.1.128/27 [110/1563] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.1.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.2.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.3.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.4.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.5.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.6.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
O 192.168.7.0/24 [110/782] via 172.16.1.2, 00:02:08, Serial1/1
C 200.18.1.0/24 is directly connected, Serial1/0
Router 1
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 192.168.7.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
192.168.0.0 0.0.255.255 area 0
172.16.1.0 0.0.0.3 area 0
172.16.1.32 0.0.0.31 area 0
172.16.1.4 0.0.0.3 area 0
Routing Information Sources:
Gateway Distance Last Update
172.16.1.6 110 00:07:15
![Page 29: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/29.jpg)
172.16.1.1 110 00:07:15
Distance: (default is 110)
Routing Table
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S 172.16.0.0/16 [1/0] via 172.16.1.0
C 172.16.1.0/30 is directly connected, Serial1/0
C 172.16.1.4/30 is directly connected, Serial1/1
C 172.16.1.32/27 is directly connected, FastEthernet0/1
O 172.16.1.64/27 [110/782] via 172.16.1.1, 00:01:25, Serial1/0
O 172.16.1.128/27 [110/782] via 172.16.1.6, 00:01:25, Serial1/1
C 192.168.1.0/24 is directly connected, FastEthernet0/0
C 192.168.2.0/24 is directly connected, FastEthernet0/0.1
C 192.168.3.0/24 is directly connected, FastEthernet0/0.2
C 192.168.4.0/24 is directly connected, FastEthernet0/0.3
C 192.168.5.0/24 is directly connected, FastEthernet0/0.4
C 192.168.6.0/24 is directly connected, FastEthernet0/0.5
C 192.168.7.0/24 is directly connected, FastEthernet0/0.6
O 200.18.1.0/24 [110/1562] via 172.16.1.1, 00:01:25, Serial1/0
Router 2
Routing Protocol is "ospf 1"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
![Page 30: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/30.jpg)
Router ID 172.16.1.129
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
172.16.1.128 0.0.0.31 area 0
172.16.1.4 0.0.0.3 area 0
Routing Information Sources:
Gateway Distance Last Update
172.16.1.5 110 00:08:05
Distance: (default is 110)
Routing Table
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
O 172.16.1.0/30 [110/1562] via 172.16.1.5, 00:03:21, Serial1/0
C 172.16.1.4/30 is directly connected, Serial1/0
O 172.16.1.32/27 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 172.16.1.64/27 [110/1563] via 172.16.1.5, 00:03:10, Serial1/0
C 172.16.1.128/27 is directly connected, FastEthernet0/0
O 192.168.1.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 192.168.2.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 192.168.3.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 192.168.4.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 192.168.5.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 192.168.6.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
![Page 31: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/31.jpg)
O 192.168.7.0/24 [110/782] via 172.16.1.5, 00:03:21, Serial1/0
O 200.18.1.0/24 [110/2343] via 172.16.1.5, 00:03:10, Serial1/0
VLAN Configuration & IP Plan
Sydney office has six VLan, here is the diagram for vlans
VLAN Structure of Sydney (Head Office)
VLAN 10 LAB One 192.168.2.0 /24 192.168.2.1 - 192.168.2.255
VLAN 20 LAB Two 192.168.3.0 /24 192.168.3.1 - 192.168.3.255
VLAN 30 Administration 192.168.4.0 /24 192.168.4.1 - 192.168.4.255
VLAN 40 Accounting 192.168.5.0 /24 192.168.5.1 - 192.168.5.255
VLAN 50 Teachers 192.168.6.0 /24 192.168.6.1 - 192.168.6.255
VLAN 60 Wireless Router
192.168.7.0 /24 192.168.7.1 - 192.168.7.255
![Page 32: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/32.jpg)
Frame-relay Configuration among branches
Secure VPN connection has been used for communication among branches.
WAN Link or Frame-relay IP Addressing
Frame-realy Cloud 1 200.18.5.0/29200.18.5.0- 200.18.5.3
Frame-realy Cloud 2 200.18.5.4/29200.18.5.4- 200.18.5.7
Frame-realy Cloud 3 200.18.5.8/29200.18.5.8- 200.18.5.11
Implementation of Access Control List
Head Office (Sydney)
Policies:
Lab1 Restriction & Configuration
![Page 33: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/33.jpg)
Lab1 can only access to Lab2, Internet and all other http server, other all request from the lab will be denied.
Extended IP access list Lab1
permit ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255
permit tcp 192.168.2.0 0.0.0.255 any eq domain
permit tcp 192.168.2.0 0.0.0.255 any eq www
permit ip 192.168.2.0 0.0.0.255 host 172.16.1.35
permit udp any any
Lab2 Restriction & Configuration
Lab2 can only access to Lab1, Internet and all other http server, other all request from the lab will be denied.
Extended IP access list Lab2
permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255
permit tcp 192.168.3.0 0.0.0.255 any eq domain
permit tcp 192.168.3.0 0.0.0.255 any eq www
permit udp any any
Teachers Department Permissions
Teachers depart has access to anywhere except Accounts and Administration Department
Extended IP access list Teachers
deny ip 192.168.6.0 0.0.0.255 192.168.4.0 0.0.0.255
deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255
permit ip any any
Account Department Permissions
Only Host PC7 has access in Accounting department, all other access denied for security purpose
![Page 34: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/34.jpg)
Extended IP access list 140
permit ip host 192.168.4.2 192.168.5.0 0.0.0.255 (8 match(es))
Access Control List configuration of Router 1
Frame Relay Configuration
Only Administration Department, Accounts Department and Teachers Department
![Page 35: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/35.jpg)
Frame Relay Mapping for Router1
Configurations
Serial1/0 (up): ip 200.18.5.2 dlci 102, dynamic, broadcast, CISCO, status defined, active
Serial1/0 (up): ip 200.18.5.3 dlci 103, dynamic, broadcast, CISCO, status defined, active
![Page 36: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/36.jpg)
Frame Relay Mapping for Router 3
Frame Relay Mapping for Router 4
![Page 37: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/37.jpg)
Router Redistribution (OSPF & RIPv2)
Figure: In the screen shot Router0 is running RIPv2 and Router 2 is running OSPF. Router1 is running RIPv2 and OSPF both. As we applied router redistribution on Router1, it is translating OSPF as RIP to Router0 and RIP as OSPF to Router2.
Router 1 is the translator for RIP and OSPF of both sides. Here are the ip routes of router 1, router 0 and router 2.
Routing Protocols Configuration of Router1:
router ospf 1
log-adjacency-changes
redistribute rip subnets
redistribute connected subnets
network 192.168.0.0 0.0.255.255 area 0
network 172.16.1.32 0.0.0.31 area 0
network 172.16.1.4 0.0.0.3 area 0
network 192.168.7.0 0.0.0.255 area 0
![Page 38: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/38.jpg)
!
router rip
version 2
redistribute ospf 1
redistribute connected
network 172.16.0.0
!
Router 1 Configuration
Router1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
R 10.0.0.0/8 [120/2] via 172.16.1.1, 00:00:12, Serial1/0
R 20.0.0.0/8 [120/2] via 172.16.1.1, 00:00:12, Serial1/0
172.16.0.0/16 is variably subnetted, 6 subnets, 3 masks
S 172.16.0.0/16 [1/0] via 172.16.1.0
C 172.16.1.0/30 is directly connected, Serial1/0
![Page 39: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/39.jpg)
C 172.16.1.4/30 is directly connected, Serial1/1
C 172.16.1.32/27 is directly connected, FastEthernet0/1
R 172.16.1.64/27 [120/1] via 172.16.1.1, 00:00:12, Serial1/0
O 172.16.1.128/27 [110/782] via 172.16.1.6, 03:34:27, Serial1/1
C 192.168.1.0/24 is directly connected, FastEthernet0/0
C 192.168.2.0/24 is directly connected, FastEthernet0/0.1
C 192.168.3.0/24 is directly connected, FastEthernet0/0.2
C 192.168.4.0/24 is directly connected, FastEthernet0/0.3
C 192.168.5.0/24 is directly connected, FastEthernet0/0.4
C 192.168.6.0/24 is directly connected, FastEthernet0/0.5
C 192.168.7.0/24 is directly connected, Ethernet0/3/0
R 200.18.5.0/24 [120/1] via 172.16.1.1, 00:00:12, Serial1/0
Router0 Configuration
Router0#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
![Page 40: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/40.jpg)
R 10.0.0.0/8 [120/1] via 200.18.5.2, 00:00:01, Serial1/0
R 20.0.0.0/8 [120/1] via 200.18.5.3, 00:00:17, Serial1/0
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C 172.16.1.0/30 is directly connected, Serial1/1
R 172.16.1.4/30 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
R 172.16.1.32/27 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
C 172.16.1.64/27 is directly connected, FastEthernet0/0
R 192.168.1.0/24 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
R 192.168.2.0/24 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
R 192.168.3.0/24 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
R 192.168.4.0/24 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
R 192.168.5.0/24 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
R 192.168.6.0/24 [120/1] via 172.16.1.2, 00:00:06, Serial1/1
200.18.5.0/29 is subnetted, 1 subnets
C 200.18.5.0 is directly connected, Serial1/0
Router 2 Configuration
Router2#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
![Page 41: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/41.jpg)
P - periodic downloaded static route
Gateway of last resort is not set
O E2 10.0.0.0/8 [110/20] via 172.16.1.5, 03:37:47, Serial1/0
O E2 20.0.0.0/8 [110/20] via 172.16.1.5, 03:37:47, Serial1/0
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
O E2 172.16.1.0/30 [110/20] via 172.16.1.5, 03:37:47, Serial1/0
C 172.16.1.4/30 is directly connected, Serial1/0
O 172.16.1.32/27 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O E2 172.16.1.64/27 [110/20] via 172.16.1.5, 03:37:47, Serial1/0
C 172.16.1.128/27 is directly connected, FastEthernet0/0
O 192.168.1.0/24 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O 192.168.2.0/24 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O 192.168.3.0/24 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O 192.168.4.0/24 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O 192.168.5.0/24 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O 192.168.6.0/24 [110/65] via 172.16.1.5, 03:37:47, Serial1/0
O 192.168.7.0/24 [110/74] via 172.16.1.5, 03:37:47, Serial1/0
O E2 200.18.5.0/24 [110/20] via 172.16.1.5, 03:37:47, Serial1/0
![Page 42: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/42.jpg)
Apply Router on a Stick
Figure: Router on a stick applied on the LAN network. Fast Ethernet 0/0 has created 5 more sub interface to give support VLAN10 – VLAN 50
Configuration of Router on a Stick
Router1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.1 YES manual up up
FastEthernet0/0.1 192.168.2.1 YES manual up up
FastEthernet0/0.2 192.168.3.1 YES manual up up
FastEthernet0/0.3 192.168.4.1 YES manual up up
FastEthernet0/0.4 192.168.5.1 YES manual up up
FastEthernet0/0.5 192.168.6.1 YES manual up up
FastEthernet0/0.6 unassigned YES unset administratively down down
![Page 43: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/43.jpg)
FastEthernet0/1 172.16.1.33 YES manual up up
Ethernet0/3/0 192.168.7.1 YES manual up up
Serial1/0 172.16.1.2 YES manual up up
Serial1/1 172.16.1.5 YES manual up up
Serial1/2 unassigned YES unset administratively down down
Serial1/3 unassigned YES unset administratively down down
Serial1/4 unassigned YES unset administratively down down
Serial1/5 unassigned YES unset administratively down down
Serial1/6 unassigned YES unset administratively down down
Serial1/7 unassigned YES unset administratively down down
Vlan1 unassigned YES unset administratively down down
Virtual Private Network (VPN) Configuration
A virtual private network (VPN) is a public telecommunication infrastructure such as the Internet to provide remote offices or individual users with secure access to their organization's network. It aims to avoid an expensive system of owned or leased lines that can be used by only one organization.
It encapsulates data transfers between two or more networked devices which are not on the same private network so as to keep the transferred data private from other devices on one or more intervening local or wide area networks. There are many different classifications, implementations, and uses for VPNs.
Here we have connected 2 branch office with Sydney head office.
VPN Details
Ping AAA Server(30.0.0.2) to update ARP table first.
Group Name: ciscogroup
Group Key: ciscogroup
![Page 44: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/44.jpg)
Server IP: 200.18.5.0
User: sunny
Pass: cisco
VPN Connected
After connecting with vpn server it accusers new ip address.
![Page 45: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/45.jpg)
VPN Server configuration
hostname Router0
aaa new-model
aaa authentication login vpnauth group radius local
aaa authorization network vpnauth local
username sunny password 0 cisco
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
crypto isakmp client configuration group ciscogroup
key ciscogroup
pool vpnclients
netmask 255.255.255.0
![Page 46: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/46.jpg)
crypto ipsec transform-set mytrans esp-3des esp-sha-hmac
crypto dynamic-map mymap 10
set transform-set mytrans
reverse-route
crypto map mymap client authentication list vpnauth
crypto map mymap isakmp authorization list vpnauth
crypto map mymap client configuration address respond
crypto map mymap 10 ipsec-isakmp dynamic mymap
ip ssh version 1
ip domain-name cisco.com
ip name-server 0.0.0.0
interface FastEthernet0/0
ip address 172.16.1.65 255.255.255.224
duplex auto
speed auto
interface FastEthernet0/1
ip address 30.0.0.1 255.255.255.0
duplex auto
speed auto
interface Serial1/0
ip address 200.18.5.1 255.255.255.248
encapsulation frame-relay
clock rate 64000
crypto map mymap
interface Serial1/1
![Page 47: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/47.jpg)
ip address 172.16.1.1 255.255.255.252
clock rate 64000
router rip
version 2
network 30.0.0.0
network 172.16.0.0
network 200.18.5.0
ip local pool vpnclients 30.0.0.100 30.0.0.200
ip nat inside source static 192.168.0.0 200.18.5.0
ip classless
Ping vpn client after getting VPN Connection
![Page 48: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/48.jpg)
DNS Server
![Page 49: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/49.jpg)
Web Server
![Page 50: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/50.jpg)
DHCP Server
Wireless Network Configuration
Wireless network has been configured in every site on the network.
Wireless Router
![Page 51: Assignment 1 ITC308 Draft Final Final](https://reader033.fdocuments.us/reader033/viewer/2022061507/5525be43550346b36e8b4a28/html5/thumbnails/51.jpg)
Wireless Client
Wireless network