SOHO DMZ Svr Z 1 0000000000000 W Internal Servers WXZ SOHO Wireless LAN Controller X Internet...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
SOHO DMZ Svr Z 1 0000000000000 W Internal Servers WXZ SOHO Wireless LAN Controller X Internet Port A P LW AP 00000000000 M Internet KR ISP K FW NTP & Web Server Root DNS Server Scenario The SRWE Company has come to you for a redesign of their company's network. Because of their expanding business operations, they want to upgrade their existing networking devices to support Gigabit Ethernet, a Wireless LAN Controller (WLC) with Lightweight Access Points (LWAP), new security features and First Hop Redundancy Protocol (FHRP). Configure the hostnames on all devices per the topology diagram and set a house keeping script for each device and cable the topology using the correct cabling. Replace all host NIC's with Gig NIC's. Note: Use the latest version of Packet Tracer. Safe your work often and have backup copies of your work based on date - time - phase. Packet Tracer is known to "crash" at the absolute worst time. Do not combine the Native & Management VLAN. For good network documentation, add interface descriptions and banners where appropriate. Passwords will be set in Phase 4. Task 1: ISP Router 1. Use the 4331 Router. 1.1. Install one NIM-ES 2-4 network module, which will provide four Gigabit (layer 2) switchports. 2. Connect two Servers to the ISP router via a layer 2 access port. 3. ISP layer 2 switchports 3.1. Directly connect each Server to the ISP router using a Gigabit Layer 2 access switchport 3.2. Statically assign addressing to each server per the Addressing Table 3.3. Statically set each layer 2 access switchport and set the specific VLAN and enable spanning - tree portfast 3.4. Create a layer 3 Switched Virtual Interface (SVI) that will be the default gateway. 4. On the DNS Server create an "A Record" for the Web Page (example: www.ipv4.com based on the IP address of the Web Server) 5. On the Web Server, modify the Web Pages to display "Public SRWE Web Server" with your name on the Web page. 6. Enable the appropriate services (DNS, Web) for each server. 7. The SOHO Router is a Wireless Home Router which can be configured via the GUI 7.1. Connect the cable from the ISP Layer 3 interface to the Internet Port on the SOHO Router. 7.2. Assign an IP address to the ISP Layer 3 Interface. (Addressing Table) 7.2.1. Set up a DHCP pool to the SOHO Router including DNS information. 7.3. The SOHO router will receive IP addressing via DHCP from the ISP Router. 8. Add a laptop computer and install Wireless NIC card. 8.1. Wireless connectivity and DHCP should be automatic using default parameters. Task 2: FW Router and ISP Router 1. Install a cable between the FW router and the ISP router 2. Set a public IPv4 address using the VLSM Table. 2.1. Assign the ISP the first usable IP address and FW the second usable IP address. Task 3: Static Default Route on FW 1. On FW configure a static default IPv4 route using the next hop IP address to the ISP 1.1. Set a static route to the ISP with an administrative distance of twice the default value. Task 4: Verify Connectivity 1. From SOHO laptop ping the DNS server IP address and HTTP via DNS to the Web Server. 2. From FW router ping the DNS server. (troubleshoot as needed) 3. From FW router ping the Web server. (troubleshoot as needed) WXZ Router and Devices Next, install a Cisco 4331 router, a 3504 Wireless LAN Controller, one Lightweight Access Point, three Servers, one Admin PC 1 and one wireless laptop M. The internal Servers will provide internal services to the company, including DNS, Web, TFTP, AAA, Syslog and Radius. The DMZ Web Server will provide Web services to (external) Internet customers. The Admin PC 1 will provide management of the WLC. Implement Gigabit Ethernet for all links. Again remove FastEthernet NIC cards from host devices and replace with Gig NIC cards. Task 5: WXZ Router to FW 1. Connect a cable between the WXZ router and the FW router on Gigabit Ethernet layer 3 interfaces 1.1. This will be a layer 3 point-to-point link using a 30 bit mask. 1.2. Assign IP addressing per your Addressing Table design. Task 6: DMZ Server Page 2 of 4 SRWE Case Study Phase 1 1. Connect the correct cable to the Gigabit Ethernet NIC on the DMZ Server Z to the Gigabit Ethernet (layer 3) port on DMZ router. 2. Assign IP addressing per your Addressing Table design. 3. Modify the default Web Page to display "DMZ Server" with your name. Task 7: WXZ 4331 Router Hardware Upgrade 1. Install one NIM-ES 2-4 network module, which will provide four Gigabit (layer 2) switching ports. 1.1. Each layer 2 port is assigned a VLAN per the Addressing Table 1.2. Each VLAN requires a Switched Virtual Interface (SVI) to provide Gateway services. Task 8: Internal Server W and Internal Server X 1. Cable the servers to the layer 2 ports just installed on WXZ router (Task 7) 2. Create the "VLAN" SVI to provide Gateway services to both internal servers. 2.1. Statically assign IP addressing to the both servers and SVI per your design. 3. On Server W modify the default Web Page to display "Internal SRWE Web Server" with your name. 4. On Server X enable DNS services. 4.1. Create a DNS "A Record" for the Internal Web Server based on the private IP address. 4.2. Create a Name Server record pointing to the Root DNS Server. 4.3. Do not create a DNS mapping for the DMZ server. Task 9: Wireless LAN Controller (WLC 3504), Lightweight Access Point (LWAP), PC and Laptop 1. Connect a crossover cable on port 1 of the WLC to the WXZ router on a layer 2 switchport 2. Connect a cable from the Packet Tracer ICON LAP-PT (LWAP) to the WXZ router on a layer 2 switchport 2.1. The LWAP will need power adapter installed 2.2. The LWAP will receive an IP address via DHCP from the WLC 3. Connect a cable from the WLC port 2 to PC 1. 4. Statically assign IP addressing to the WLC and PC 1 per your Addressing Table design. 4.4. Click on the WLC click on the Config Tab click Management 4.5. Set the IP addressing parameters 5. Add a laptop (M) with one WPC300N wireless interface card 6. On the WXZ router configure the switchports with the correct VLAN per the Addressing Table 6.1. Create the SVI to provide Gateway services to the WLC, PC 1, LWAP and Laptop. Task 10: WLC Initial Configuration Wizard Important: Complete the PT Lab Initial Configuration Wizard before configuring the WLC. This lab is located on Canvas under Additional PT Labs 1. Ensure PC 1 can ping the WLC and then HTTP from PC 1 to the WLC. 2. Then start the initial WLC using the Startup Configuration Wizard. 3. Set up the Management Profile / SSID and wireless security parameters via the GUI. Page 3 of 4 SRWE Case Study Phase 1 4. Once completed you will need to login the WLC via HTTPs and configure DHCP so Laptop M can obtain IP addressing via DHCP. 6.2. click Controller Internal DHCP Server DHCP Scope then click New to create a new DHCP Scope 6.3. Create a new DHCP Scope Address pool; this will be the Wireless LAN Controller Management subnet. 6.3.1. From the new DHCP Scope, set the default gateway (SVI) and DNS server address. 4.1. When done click Apply and then click Save Settings 5. Next, from the Controller menu set the Primary DHCP Server IP address. 6.4. on the left side of the screen click Interfaces click the interface name 6.4.1. scroll down to DHCP Information 6.4.2. set the IP address of the WLC as the Primary DHCP Server. 7. When done click Apply and then click Save Settings 8. Set the SSID and wireless security parameters on laptop M. Laptop M "should" get a DHCP address from the WLC. Task 11: Internal Dynamic Routing 1. Internal dynamic routing will be configured using EIGRP advertising directly connected interfaces 2. Advertise EIGRP in AS 645xx using the inverse mask of each directly connected interface excluding the ISP link 3. On only FW, advertise the static default route in EIGRP using the IOS redistribute static command Task 12: Network Address Translation (NAT) PAT 1. Define the inside and outside NAT interfaces. 1.1. Configure a "NAT" access control list (ACL) based on your private internal addressing 1.2. Configure NAT-PAT to translate private internal hosts to the outside "public" interface. Verification after Phase 1 OPC 1 (Admin) ping all devices and server, excluding SOHO router/Laptop PC 1 (Admin) and Laptop M web browse to internal web server & public web server using internal DNS. Additional IOS verification commands: show ip eigrp neighbors show ip route connected show ip route static show ip route show ip nat translations SOHO DMZ Svr Z 1 0000000000000 W Internal Servers WXZ SOHO Wireless LAN Controller X Internet Port A P LW AP 00000000000 M Internet KR ISP K FW NTP & Web Server Root DNS Server Scenario The SRWE Company has come to you for a redesign of their company's network. Because of their expanding business operations, they want to upgrade their existing networking devices to support Gigabit Ethernet, a Wireless LAN Controller (WLC) with Lightweight Access Points (LWAP), new security features and First Hop Redundancy Protocol (FHRP). Configure the hostnames on all devices per the topology diagram and set a house keeping script for each device and cable the topology using the correct cabling. Replace all host NIC's with Gig NIC's. Note: Use the latest version of Packet Tracer. Safe your work often and have backup copies of your work based on date - time - phase. Packet Tracer is known to "crash" at the absolute worst time. Do not combine the Native & Management VLAN. For good network documentation, add interface descriptions and banners where appropriate. Passwords will be set in Phase 4. Task 1: ISP Router 1. Use the 4331 Router. 1.1. Install one NIM-ES 2-4 network module, which will provide four Gigabit (layer 2) switchports. 2. Connect two Servers to the ISP router via a layer 2 access port. 3. ISP layer 2 switchports 3.1. Directly connect each Server to the ISP router using a Gigabit Layer 2 access switchport 3.2. Statically assign addressing to each server per the Addressing Table 3.3. Statically set each layer 2 access switchport and set the specific VLAN and enable spanning - tree portfast 3.4. Create a layer 3 Switched Virtual Interface (SVI) that will be the default gateway. 4. On the DNS Server create an "A Record" for the Web Page (example: www.ipv4.com based on the IP address of the Web Server) 5. On the Web Server, modify the Web Pages to display "Public SRWE Web Server" with your name on the Web page. 6. Enable the appropriate services (DNS, Web) for each server. 7. The SOHO Router is a Wireless Home Router which can be configured via the GUI 7.1. Connect the cable from the ISP Layer 3 interface to the Internet Port on the SOHO Router. 7.2. Assign an IP address to the ISP Layer 3 Interface. (Addressing Table) 7.2.1. Set up a DHCP pool to the SOHO Router including DNS information. 7.3. The SOHO router will receive IP addressing via DHCP from the ISP Router. 8. Add a laptop computer and install Wireless NIC card. 8.1. Wireless connectivity and DHCP should be automatic using default parameters. Task 2: FW Router and ISP Router 1. Install a cable between the FW router and the ISP router 2. Set a public IPv4 address using the VLSM Table. 2.1. Assign the ISP the first usable IP address and FW the second usable IP address. Task 3: Static Default Route on FW 1. On FW configure a static default IPv4 route using the next hop IP address to the ISP 1.1. Set a static route to the ISP with an administrative distance of twice the default value. Task 4: Verify Connectivity 1. From SOHO laptop ping the DNS server IP address and HTTP via DNS to the Web Server. 2. From FW router ping the DNS server. (troubleshoot as needed) 3. From FW router ping the Web server. (troubleshoot as needed) WXZ Router and Devices Next, install a Cisco 4331 router, a 3504 Wireless LAN Controller, one Lightweight Access Point, three Servers, one Admin PC 1 and one wireless laptop M. The internal Servers will provide internal services to the company, including DNS, Web, TFTP, AAA, Syslog and Radius. The DMZ Web Server will provide Web services to (external) Internet customers. The Admin PC 1 will provide management of the WLC. Implement Gigabit Ethernet for all links. Again remove FastEthernet NIC cards from host devices and replace with Gig NIC cards. Task 5: WXZ Router to FW 1. Connect a cable between the WXZ router and the FW router on Gigabit Ethernet layer 3 interfaces 1.1. This will be a layer 3 point-to-point link using a 30 bit mask. 1.2. Assign IP addressing per your Addressing Table design. Task 6: DMZ Server Page 2 of 4 SRWE Case Study Phase 1 1. Connect the correct cable to the Gigabit Ethernet NIC on the DMZ Server Z to the Gigabit Ethernet (layer 3) port on DMZ router. 2. Assign IP addressing per your Addressing Table design. 3. Modify the default Web Page to display "DMZ Server" with your name. Task 7: WXZ 4331 Router Hardware Upgrade 1. Install one NIM-ES 2-4 network module, which will provide four Gigabit (layer 2) switching ports. 1.1. Each layer 2 port is assigned a VLAN per the Addressing Table 1.2. Each VLAN requires a Switched Virtual Interface (SVI) to provide Gateway services. Task 8: Internal Server W and Internal Server X 1. Cable the servers to the layer 2 ports just installed on WXZ router (Task 7) 2. Create the "VLAN" SVI to provide Gateway services to both internal servers. 2.1. Statically assign IP addressing to the both servers and SVI per your design. 3. On Server W modify the default Web Page to display "Internal SRWE Web Server" with your name. 4. On Server X enable DNS services. 4.1. Create a DNS "A Record" for the Internal Web Server based on the private IP address. 4.2. Create a Name Server record pointing to the Root DNS Server. 4.3. Do not create a DNS mapping for the DMZ server. Task 9: Wireless LAN Controller (WLC 3504), Lightweight Access Point (LWAP), PC and Laptop 1. Connect a crossover cable on port 1 of the WLC to the WXZ router on a layer 2 switchport 2. Connect a cable from the Packet Tracer ICON LAP-PT (LWAP) to the WXZ router on a layer 2 switchport 2.1. The LWAP will need power adapter installed 2.2. The LWAP will receive an IP address via DHCP from the WLC 3. Connect a cable from the WLC port 2 to PC 1. 4. Statically assign IP addressing to the WLC and PC 1 per your Addressing Table design. 4.4. Click on the WLC click on the Config Tab click Management 4.5. Set the IP addressing parameters 5. Add a laptop (M) with one WPC300N wireless interface card 6. On the WXZ router configure the switchports with the correct VLAN per the Addressing Table 6.1. Create the SVI to provide Gateway services to the WLC, PC 1, LWAP and Laptop. Task 10: WLC Initial Configuration Wizard Important: Complete the PT Lab Initial Configuration Wizard before configuring the WLC. This lab is located on Canvas under Additional PT Labs 1. Ensure PC 1 can ping the WLC and then HTTP from PC 1 to the WLC. 2. Then start the initial WLC using the Startup Configuration Wizard. 3. Set up the Management Profile / SSID and wireless security parameters via the GUI. Page 3 of 4 SRWE Case Study Phase 1 4. Once completed you will need to login the WLC via HTTPs and configure DHCP so Laptop M can obtain IP addressing via DHCP. 6.2. click Controller Internal DHCP Server DHCP Scope then click New to create a new DHCP Scope 6.3. Create a new DHCP Scope Address pool; this will be the Wireless LAN Controller Management subnet. 6.3.1. From the new DHCP Scope, set the default gateway (SVI) and DNS server address. 4.1. When done click Apply and then click Save Settings 5. Next, from the Controller menu set the Primary DHCP Server IP address. 6.4. on the left side of the screen click Interfaces click the interface name 6.4.1. scroll down to DHCP Information 6.4.2. set the IP address of the WLC as the Primary DHCP Server. 7. When done click Apply and then click Save Settings 8. Set the SSID and wireless security parameters on laptop M. Laptop M "should" get a DHCP address from the WLC. Task 11: Internal Dynamic Routing 1. Internal dynamic routing will be configured using EIGRP advertising directly connected interfaces 2. Advertise EIGRP in AS 645xx using the inverse mask of each directly connected interface excluding the ISP link 3. On only FW, advertise the static default route in EIGRP using the IOS redistribute static command Task 12: Network Address Translation (NAT) PAT 1. Define the inside and outside NAT interfaces. 1.1. Configure a "NAT" access control list (ACL) based on your private internal addressing 1.2. Configure NAT-PAT to translate private internal hosts to the outside "public" interface. Verification after Phase 1 OPC 1 (Admin) ping all devices and server, excluding SOHO router/Laptop PC 1 (Admin) and Laptop M web browse to internal web server & public web server using internal DNS. Additional IOS verification commands: show ip eigrp neighbors show ip route connected show ip route static show ip route show ip nat translations
Expert Answer:
Related Book For
Posted Date:
Students also viewed these computer network questions
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Which of the following statements is true aboutschizophrenia? a. People throughout the world suffer fromschizophrenia b. The symptoms associated with schizophrenia are the sameacross cultures c....
-
Discuss changes that have taken place in the personal selling function and the impact of relational ideas on these changes.
-
When you were born, your parents deposited $10,000 in the bank. The bank offers a fixed interest rate of 4 percent. On your eighteenth birthday, your parents decide to withdraw the money that they...
-
A study of 3,005 adults ages 57 to 85 showed that 82% of them use at least one prescription drug. The margin of error is 2 percentage points (based on data from Use of Prescription and...
-
On behalf of BRJM, LLC, Nicolas Kepple offered Howard Engelsen $210,000 for a parcel of land known as lot five on the north side of Barnes Road in Stonington, Connecticut. Engelsens company, Output...
-
Determine the optimal results for the following formulation using the simplex method (show all iterations) Maximize Z = 5x1 + 9x2 + 7x3 subject to X1 + 3x2 + 2x3 10 3x1 + 4x2 + 2x3 12 2x1 + x2 + 2x3 8
-
Brewing Boba wants to increase bookings by 25% with medium to large sized corporate clients by December 31st, 2023. Choose THREE out of the following, and explain what Brewing Boba is currently doing...
-
Why does the optimal consumption bundle occur when the budget line is tangent to the indifference curve? Assume that the indifference curves are convex?
-
what are ASEAN key's policies regulation relating to digital trade? how do regulated digital work in ASEAN? where are the regulatory challenges and fitfalls?
-
If sellers of scarce resources are not allowed to increase prices to equilibrate supply and demand after a disaster, how do you think these resources should be allocated among the population? What...
-
Does the presence or otherwise of a Public credit registries and or private credit Bureau explain the differences (if any) in the rankings pf countries ?
-
Explain why the long-run demand for durable goods is more income elastic than the short-run demand. Is this also the case for non-durables?
-
A student was provided with a piece of chalk which has a mass of 0.327 g. The chalk was dissolved in 70.00 mL of 0.450 M HCl and then the excess HCl was titrated with NaOH solution. The volume...
-
In the series connection below, what are the respective power consumptions of R, R2, and R3? R R www 4 V=6V P1-3 W; P2=3W; and P3= 3 W OP10.5 W; P2-1 W; and P3= 1.5 W P1=1.5 W; P2=1 W; and P3= 0.5 W...
-
Develop a table similar to Table 4.9 for \(\mathrm{GF}\left(2^{4}ight)\) with \(m(x)=x^{4}+x+1\). Table 4.9 Generator for GF(2) using x + x + 1 Power Polynomial Representation Representation 0 1 g 0...
-
It is possible to use a hash function to construct a block cipher with a structure similar to DES. Because a hash function is one way and a block cipher must be reversible (to decrypt), how is it...
-
For SSH packets, what is the advantage, if any, of not including the MAC in the scope of the packet encryption?
-
Compute the price of a share of stock that pays a \($5\) per year dividend and that you expect to be able to sell in one year for \($40\), assuming you require a 5% return.
-
You are considering purchasing a 10-year bond and follow the theory of rational expectations. If you have just read the annual report of the central bank in your country that states interest rates...
-
Suppose that you are a trader at the stock market. T-Mobiles stocks currently trade at $45 and the expected return is 9%. You have information that leads you to believe that by the end of year the...
Study smarter with the SolutionInn App