Hide Assignment InformationTurnitin®This assignment will be submitted to Turnitin®.Instructions
Summarizing and Explaining Your Design
Summarize the site requirements and/or any challenges (changes to the topology as you detailed in assignments 1 and 2) you are attempting to overcome. You should also provide an updated overall site topology based on your design.
This solution should be comprehensive and the approach should be justified. Configurations of technologies should be written out to help guide the systems administrators with implementation. In some cases, you may find it necessary to implement additional cabling, which can be done by adding to the supplied topology. Any adjustments to the sites’ topology should be documented and supplied with your submission.
Use the
Network Design Proposal Template
to record your work. When you are finished, submit your final paper to the dropbox below.
Review the syllabus for information about late policies and resubmitted assignments.
Due DateMar 8, 2020 11:30 PMHide Rubrics
Rubric Name: Assignment 3: Technical Details Task
Cisco Network Proposal (Part-3)
CMIT350
Professor: James Graves
Generated by: Mohammad Tanzim
Date: 02/25/2018
Summary:
1) The
VLAN
of Sacramento, Router OS, the implementation of DHCP, Los Angeles
Site Management, xACME WAN – WAN Implementation
2)
Bibliography
Sacramento Site Configuration
The Sacramento office site will need three main materials which are implementing a
VLAN for specific switches, implementing a routing stick topology to fulfil the
requirement of VLAN, and utilizing dynamic host control protocol. Besides, UMUC need
to care about allowing limited mac address per port with the restrictions for unauthorized
users. IP address has to be assigned automatically.
VLAN
This site can be divided into 4 VLANs for faculty, administrator, instructional, and a
general server. The name of these VLAN will be required as ID and the necessary
security for additional port can be configured later with switchport access mode and
trunk mode. Access mode works as a protocol which can allow ports to provide
communication with specific nodes within the same VLAN. In contrast, the trunk mode
ensures connection between VLAN and the switch. In the end, DHCP can be helpful to
assign IP addresses for all devices or hosts.
The administrative VLAN can be identified with number 14, instructional with 35, server
with 8 and faculty with 6. All the subnet mask of these 4 VLAN is 255.255.255.192 and
IP addresses can be assigned automatically within a range. Take that range for
Administrative VLAN 15 is 10.50.0.64 to 10.50.0.116 with default gateway 10.50.0.66,
instructional VLAN 35 is 10.50.0.128 to 10.50.0.180 with default gateway 10.50.0.130,
server VLAN 8 is 10.50.0.192 to 10.50.0.192 to 10.50.0.245 with default gateway
10.50.0.194, and faculty VLAN 5 is 10.50.0.0 to 10.50.0.52 with default gateway
10.50.0.2.
Configuring New VLAN
SacSw1>ena
SacSw1#conf t
SacSw1(config)#vlan 15
SacSw1(config-if)#switchport port-security
SacSw1(config-if)#switchport port-security maximun 2
SacSw1(config-if)#switchport port-security mac-address sticky
SacSw1(config-if)#switchport port-security violation shut
SacSw1(config-if)#Ctrl+Z
SacSw1#copy run start
SacSw1#exit
Configuring Switch
Faculty vlan: 10.50.0.1 /26
Administrative vlan: 10.50.0.65 /26
Instructional vlan: 10.50.0.129 /26
Server vlan: 10.50.0.193 /26
SacSw1>ena
SacSw1#conf t
SacSw1(config)#int fa0/24
SacSw1(config)#switchport mode trunk
SacSw1(config)#switchport trunk allowed vlan 6, 8, 15, 35
SacSw1(config)#switchport trunk encapsulation dot1q
SacSw1(config)#description Uplink to Sacramento Router
SacSw1(config)#no shut
SacSw1(config)#Ctrl+Z
SacSw1#copy run start
Configuring Router
SacRouter>ena
SacRouter#conf t
SacRouter(config)#int fa0/0.5
SacRouter(config-subif)#ip address 10.50.0.1 255.255.255.192
SacRouter(config-subif)#encap dot1q 3
SacRouter(config-subif)#description administrative vlan 6
SacRouter(config-subif)#no shut
SacRouter(config)#int fa0/0.14
SacRouter(config-subif)#ip address 10.50.0.66 255.255.255.192
SacRouter(config-subif)#encap dot1q 15
SacRouter(config-subif)#description administrative vlan 15
SacRouter(config-subif)#no shut
SacRouter(config-subif)#Ctrl+Z
Sac
Router#copy run start
Configuring DHCP
SacRouter>ena
SacRouter#conf t
SacRouter(config)#ip dhcp pool server
remote assistance to the VLAN. In the end, to sync properly with necessary materials
like logging records, authentication protocol, netowrk time protocol can be used. From
the topology of this site, Los Angeles has a TFTP server and it needs to provide backup
configuration for easy recovery. Then, secure shell SSH can be good option to remote
management. Finally, with the implementation of NTP can maintain synchronization to
the all servers in this site.
Configuration Remote Storage(IOS)
LARouter#copy running-config tftp: Server Directory
LARouter#copy nvram:startup-config tftp: Server directory
LARouter#copy run start
Configuring SSH
LASw2>ena
LASw2#conf t
LASw2(config)#crypto key generate rsa
LASw2(config)#aaa newmodel
LASw2(config)#username admin password PASSWORD
LASw2(config)#line vty 0 16
LASw2(config-line)#transport input ssh
LASw2(config-line)#login local
LASw2(config-line)#password 8
LASw2(config-line)#exit
LAw2(config)#line console 0
LASw2(config-line)#logging synchronous
LASw2(config-line)#login local
LASw2(config-line)#exit
LASw2#Ctrl+Z
LASw2#copy run start
Configuring ACL
LARouter>ena
LARouter #config t
LARouter(config)#IP access-list extended VLAN
LARouter(config-ext-nacl)#permit IP 10.40.7.0 0.0.04 host 10.40.7.10
LARouter(config)#interface fa0/0
LARouter(config-if)#ip access-group VLAN in
LARouter(config)#line vty 0 16
LARouter(config-line)#ip access-class VLAN in
LARouter(config-line)#Ctrl+Z
LARouter#copy run start
LARouter#exit
Configuring NTP
Router(config)#int s0/0/0
Router(config-if)#encap ppp
Router(config-if)#ppp authentication chap
Router(config-if)#Ctrl+Z
Router(config)#exit
Router#copy run start
Topology
Every networking plan should have a definition of requirements and proper topological
description for WAN connection. The total design must be going through under secure
protocol and development of this sites performance and connectivity. Some factors like
preceding calculation of traffic, the period of using network infrastructure need to be
focused. Security is much important where unsecured protocol and host need to be
secured and all the unauthorized access need to be restricted. Moreover, all the VLAN
and switch should have clear communication between each other where needed. This
topology must have a multiple point of entry and exit, otherwise if any IP scheme has
failed, that will make drastic result. Moreover, xACME wan site need to ignore any
higher work being placed on those 2 devices which can provide incoming and outgoing
per multiple sites together. They have to be determined by alleviating the heavy traffic
on those 2 devices within the creation of some redundancy in this topology.
Bibliography
1) “Routing and Switching Pro”, TestOut, 2017. [Online]. Available:
www.testout.com. [Accessed 02 25 2018]
2) P. Support, C. Firewall, T. Alerts and T. TechNotes, "Configuring IP Access
Lists", Cisco, 2016. [Online]. Available:
http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602
confaccesslists.html. [Accessed: 25- Feb- 2018].
3) B. Ahmedi, P. Mitrevski, “On the Development of Methodology for Planning and
Cost-Modeling of Wide Area Netowrk.”, International Journal of
Computer Networks & Communications (IJCNC) Vol.6, No.3, May 2014
1) “Routing and Switching Pro”, TestOut, 2017. [Online]. Available:
www.testout.com. [Accessed 02 25 2018]
2) P. Support, C. Firewall, T. Alerts and T. TechNotes, “Configuring IP Access
Lists”, Cisco, 2016. [Online]. Available:
http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-
confaccesslists.html. [Accessed: 25- Feb- 2018].
3) B. Ahmedi, P. Mitrevski, “On the Development of Methodology for Planning and
Cost-Modeling of Wide Area Netowrk.”, International Journal of
Computer Networks & Communications (IJCNC) Vol.6, No.3, May 2014
Company