Scribd
Upload
54 views3 pages

FN Lab2

Uploaded by

Hai Nguyen Ngoc
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
54 views3 pages

FN Lab2

Uploaded by

Hai Nguyen Ngoc
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

PART2 CONFIGURATION (Exam) 50 Points

The Topology

Scenario
Your organization has three sites as the figure. Each site has a local WEB server, local DNS server
and own line which connects to the Internet . The DNS server must be accessed locally. You have to
configure as requirements to finish this part-exam.

The Parameters
Table 1
Device/ Interface
S0
S1
S2
S3

FR1
DLCI 102 (HANOI-TpHCM)
DLCI 103 (HANOI-DANANG)
DLCI 123 (FR1-FR3)
DLCI 456 (FR1-FR2)

FR2
DLCI 201 (DANANG-HANOI)
DLCI 203 (DANANG-TpHCM)
DLCI 456 (FR2-FR1)
DLCI 789 (FR2-FR3)

FR3
DLCI 301 (TpHCM-HANOI)
DLCI 302 (TpHCM-DANANG)
DLCI 123 (FR3-FR1)
DLCI 789 (FR3-FR2)

Table 2
Device
HANOI
DANANG

TpHCM

GATE-FW

Interface/Vlan
S0/0/0
Fa0/0
S0/0/0
Fa0/0
S0/0/0
Fa0/0.10 (vlan10: Sale )
Fa0/0.20 (vlan20: Admin )
Fa0/0.30 (vlan30: Server )
S0/0/1
Fa0/1

IP address
192.168.1.1
172.16.30.1
192.168.1.2
172.18.1.2
192.168.1.3
172.17.10.3
172.17.20.3
172.17.30.3
200.200.200.2
10.10.10.2

Network/Prefix
192.168.1.0/29
172.16.30.0/24
192.168.1.0/29
172.18.1.0/24
192.168.1.0/29
172.17.10.0/24
172.17.20.0/24
172.17.30.0/24
200.200.200.0/29
10.10.10.0/24

Default Gateway
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A

Linksys
Internet
WEB1
(www.sc2009.com)
DNS1
WEB2
(www.hanoi.org)
DNS2
WEB3
(www.tphcm.org)
DNS3
WEB4
(www.danang.org)
DNS4
DHCP
PC1
PC2
PC3
PC4
PC5
PC6

Fa0/0.10 (vlan10: Tech)


Fa0/0.20 (vlan20: Staff)
Fa0/0.30 (vlan30: WAN )
Fa0/0.40 (vlan40: DHCP )

172.16.10.2
172.16.20.2
172.16.30.2
172.16.40.2

172.16.10.0/24
172.16.20.0/24
172.16.30.0/24
172.16.40.0/24

N/A
N/A
N/A
N/A

Internet
LAN
S0/0/0
Fa0/0

172.18.1.254
192.168.0.1
200.200.200.1
200.200.200.249

172.18.1.0/24
192.168.0.0/24
200.200.200.0/29
200.200.200.248/29

172.18.1.2
N/A
N/A

NIC

200.200.200.254

200.200.200.248/29

200.200.200.249

NIC

200.200.200.253

200.200.200.248/29

200.200.200.249

NIC

10.10.10.254

10.10.10.0/24

10.10.10.2

NIC

10.10.10.253

10.10.10.0/24

10.10.10.2

NIC

172.17.30.254

172.17.30.0/24

172.17.30.3

NIC

172.17.30.253

172.17.30.0/24

172.17.30.3

NIC

192.168.0.254

192.168.0.0/24

192.168.0.1

NIC
NIC
NIC
NIC
NIC
NIC
Wireless NIC
NIC

192.168.0.253
172.16.40.254
Dynamic
Dynamic
Dynamic
Dynamic
Dynamic
Dynamic

192.168.0.0/24
172.16.40.0/24
172.16.10.0/24
172.16.20.0/24
172.17.10.0/24
172.17.20.0/24
192.168.0.0/24
200.200.200.248/29

192.168.0.1
172.16.40.2
172.16.10.2
172.16.20.2
172.17.10.3
172.17.20.3
192.168.0.1
200.200.200.249

Table 3
Device

Core-SW1
SW2
SW3

Core-SW4
SW5
SW6

VTP
Version2
Domain: HANOI
Password: hanoi12345
Core-SW1: server
SW2,SW3: client
Native Vlan 1 for all the
Trunk links
Version2
Domain: TpHCM
Password: tphcm12345
Core-SW4: server
SW5,SW6: client
Native Vlan 1 for all the
Trunk links

VLANs

PVST

Vlan10: Tech
Vlan20: Staff
Vlan30: WAN
Vlan40: DHCP

Core-SW1: root bridge for vlan30,40


SW2: root bridge for vlan10
SW3: root bridge for vlan20

Vlan10: Sale
Vlan20: Admin
Vlan30: Server

Core-SW4: root bridge for vlan30


SW5: root bridge for vlan10
SW6: root bridge for vlan20

Table 4
Device

Linksys WRT300N

Setup
SSID: DANANG
Channel:6
Security Mode: WPA2 personal
Encryption: AES
Passphrase:1234567890
Local IP address: 192.168.0.0/24
DNS: 192.168.0.253
Enable DMZ

Table 5
Items
Console
Enable Secret
SSH
PAP

Username

student
sc2009

Password
student
skills
skills
sc2009

1. Task1: Basic Configurations


1) Assign the appropriate IP addresses to the device interfaces following as the given in
Table 2.
2) Configure the Frame-Relay connections, using the correct DLCIs in the Table 1.
3) Configure VTP, PVST+, VLANs properly as the given Table 3.
4) Enable EIGRP AS 33 on router HANOI, DANANG and TpHCM.
5) On HANOI router, configure some static routes to other networks in HANOI domain and
propagate that (using redistribution) to router DANANG and TpHCM.
6) On router GATE-FW:
- Do not configure any the dynamic routing protocol.
- Configure the static default route via Internet for HANOI domain only.
- Configure others static route in case of need.
7) Enable PAP authentication one-way on the serial link between router INTERNET (as
the PAP server) and router GATE-FW (as the PAP client).
8) Active the suitable services on the all servers. The local server DNS2, DNS3, DNS4
serves only for the domain the server located. Server DNS1 serves for Internet users
only.
9) Configure router INTERNET as a DHCP server for the network 200.200.200.248/29.
10) Configure router TpHCM as a DHCP server for the networks 172.17.10.0/24,
172.17.20.0/24.
11) Setup the Linksys WRT300N correctly, using the Table 4.
12) The PC client obtains an IP address and DNS server address automatically.
2. Task2: Advanced Configurations
1) Configure NAT/PAT properly on GATE-FW. So, inside users at HANOI domain only can
access the Internet.
2) Internet users can access the WEB2 (www.hanoi.org) by the public IP address
200.200.200.3/29
3) Inside users can access the all servers WEB2 (www.hanoi.org), WEB3
(www.tphcm.org), WEB4 (www.danang.org).
4) On router TpHCM and router DANANG, configure a correct ACL that dont allow the
ICMP request from accessing the HANOI domain, and deny any DNS request.
5) Open the SSH service on the router HANOI, DANANG and TpHCM for PC1-Tech, PC4Admin and PC5-Wireless only.

You might also like