Professional Documents
Culture Documents
Student:
Date:
Points:
95354489.doc
Page 1 / 16
Configure security via VLANs and propagate with VTP. Design a redundant switched network. Configure switch port VLAN information and port security Connect and verify connectivity to a wireless router Configure the IP settings of a Linksys wireless router Configure DHCP on a Linksys wireless router Change the network mode and corresponding network channel on a wireless router Enable WEP encryption and disable SSID broadcast. Enable a wireless MAC filter if available. Configure access restrictions on a wireless router if available.
Background
XYZ Insurance Company requires 24/7 access to the Internet in order to service its clients. You have been retained to design a network which meets these requirements. In order to achieve this, you have decided to develop the design in stages proving each stage on the way. In addition some users within your company are provided with wireless laptops and are allowed to log onto the companys local area network in a secure fashion. Two wireless routers are provided for this for security and the Sales staff will be shared between them. Unauthorised wireless laptop users must be denied access in order to preserve security.
Requirements
The company has 3 main departments Personnel, Finance and Sales. The offsite sales team are provided with laptops and, when in the head office, are regarded as part of the Sales Department. Your design must provide for
95354489.doc
Page 2 / 16
All networking devices must have IP addresses. Use the private class B 172.25.0.0 network for internal addressing. Use VLSM for IP addressing. Use subnet 200.1.1.0/29 for connection to the Internet via a router. There is a DNS server at address 195.195.1.2/24 connected to the router. A redundant switched network using a layered design is required with one router for access to the internet. (Two routers would be needed in the final analysis).
95354489.doc
Page 3 / 16
Internet
DNS Server 195.195.1.2/24
EXTRA
Fa0/0 Fa0/0
Fa0/1
Fa0/5
Fa0/1
Fa0/2 Fa0/3
Fa0/2
Fa0/3
Fa0/24
Fa0/23
Fa0/23
Fa0/24
Fa0/23
Fa0/24
WRS2
Worksheet
1. Produce a logical diagram based on the above diagram for the LAN for XYZ Insurance Company that includes: Router and switch names VLAN names and details Network addresses Number of hosts per network
Link Speeds The next few sections have example grids for documenting this information.
95354489.doc
Page 4 / 16
3.
For each device, a set of tables is required. These will assist with design and development activities and used when configuring switches and routers. A separate table should be created for each router and switch.
Router Name:
Network Name Description and Purpose Interface/Sub Interface Type/Number VLAN Encapsulation Network Number Interface IP Address Subnet Mask
95354489.doc
Page 5 / 16
Below is the sample layout for the switch tables. Distribution Switch Name: Switch IP address: VLAN:
Port/Number Description and Purpose Speed Duplex VLANs allowed Switchport Type Encapsulation (if needed)
VLAN:
Duplex VLANs allowed Switchport Type Encapsulation (if needed)
95354489.doc
Page 6 / 16
VLAN:
Duplex Network Name Network Number Subnet Mask VLAN Switchport Type Encapsulation (if needed)
VLAN:
Duplex Network Name Network Number Subnet Mask VLAN Switchport Type Encapsulation (if needed)
VLAN:
Duplex Network Name Network Number Subnet Mask VLAN Switchport Type Encapsulation (if needed)
95354489.doc
Page 7 / 16
4. Complete the IP design, assign and tabulate PC/workstation and server addresses for each LAN in each location. Although normally a DHCP server will assign PC/workstation addresses, assign all addresses statically apart from the wireless network. For demonstration purposes, the company agrees that it is enough to statically assign all PC/workstation and server addresses and that at the access layer three 24-port switches are sufficient. Stackable switches may be needed to accommodate the requirements for the full implementation. PC or Server Name
Network Number
IP address
Subnet Mask
Gateway
Services Provided
The tables and supporting text will be part of the documentation delivered to the XYZ Research Company. Before you commence with the implementation the logical diagram and tables need to be approved by the company. Instructors Signature: ______________________Date:_______________ For this Case Study, implement your design in phases with Packet Tracer and check out any particular aspects not supported by Packet Tracer with the equipment. Deliverables: Assignment with answers, Packet Tracer file and relevant configuration records and testing records..
95354489.doc
Page 8 / 16
95354489.doc
Page 9 / 16
Testing
1. Is there connectivity between all devices? [Y/N] ___________ 2. Can the PCs ping every device? [Y/N] ______________ 3. Do the access connected ports acquire the first MAC address? [Y/N] _______
First MAC address _____________
4. Do the connected ports shutdown if a second PC replaces the first PC? [Y/N] _
Record the MAC addresses learned on each access port across all switches.
95354489.doc
Page 10 / 16
1. Has the VLAN database propagated to the access switches? [Y/N] ____ 2. Test connectivity across the network for each of the three VLANs [Y/N]____ 3. Is there connectivity between different VLANs? [Y/N] ________ 4. Test that pings are successful from switch to switch:
Ping from Distribution Switch 1 to Access Switch 1 and 2? [Y/N] ________ Ping from Access Switch 1 to Access Switch 2? [Y/N] ___________ Save and print out (1) Switch configurations, (2) show interface trunk, (3) show VLAN for each switch, (4) show VTP mode and status for each switch..
95354489.doc
Page 11 / 16
1. Select a router with two fastethernet ports and name it Router1 with login password as
cisco and secret password as class.
2. Configure sub-interfaces on Router1 fa0/0 for the VLANs and the native VLAN. The
sub-interfaces become the default gateways for each of these networks. 3. Connect a web server with a home page to simulate the Internet for test purposes. 4. Add default gateways to the PCs. Tests
1. Is there communication between PCs and servers? [Y/N] ________ 2. Is there communication via the router between each VLAN? [Y/N] ________ 3. Test that pings are still successful from switch to switch.
Ping from Distribution Switch 1 to Access Switch 1 and 2? [Y/N] ________ Ping from Access Switch 1 to Access Switch 2? [Y/N] ___________ 4. Can each PC browse to the web server on the internet? [Y/N] ____________ Save and print out (1) the router configuration, (2) show ip route, (3) show protocols.
95354489.doc
Page 12 / 16
1. Select a wireless router with an internet port connected to the wired Sales VLAN. 2. Configure the wireless router internet port with a static IP address in the Sales network. 3. Configure the wireless LAN on the wireless router with DHCP and the
SSID: ExternalXYZSales.
4. Configure additional security with a WEP key and explain the addition of MAC filters. 5. Install a LAN wireless card in a PC and configure with DHCP selected. 6. Select a wireless access point and configure it with secure access to the wired Sales
VLAN with SSID: InternalXYZSales and a WEP key. Tests
1. Is there communication from wireless router to the Sales PCs on the wired network via
both access switches? [Y/N] ________
2. Record the IP address assigned to wireless PC via DHCP? ____________ 3. Is wireless communication via the access point? [Y/N] 4. Is there communication from the wireless PCs and the wired Sales PCs?
Successful ping from external wireless PC to a wired Sales PC via wireless router? [Y/N] ____ Successful ping from internal wireless PC to a wired Sales PC via wireless access point? [Y/N] ____
6. Can the wireless PCs browse to the web server on the internet? [Y/N] ______
Save, capture and print out configuration of (1) wireless router, (2) wireless access point.
95354489.doc
Page 13 / 16
1. Add the redundant switch in server mode with the same domain and password.
2. Ensure the root bridge is one of the distribution switches. 3. Connect the redundant switch via a trunk link to the first distribution switch. 4. Connect trunk links from the distribution switches to the access switches. 5. Allow spanning-tree protocol to set the port states. Tests Enter show spanning-tree to record: 1. Identity of the root bridge: _____________________ 2. Assign same priority to all VLANs. 3. For each switch on VLAN99record the root bridge identity, ensuring one of the distribution switches is a root bridge, and the status of the trunk ports as shown below:
95354489.doc
Page 14 / 16
4. Change the bridge priorities so that the other distribution switch becomes the root
bridge and record the states and identities as previously. Save, capture and print out the output from show spanning-tree of all switches for both root bridge assignments.
95354489.doc
Page 15 / 16
CCNA3 Exploration: LAN Switching and Wireless (Guided Case Study) EXTRA
Phase 7: Fully Redundant Switched Network (No points)
To provide 24/7 access to the Internet, a second router would be installed with a trunk link to the redundant distribution switch. Steps
Tests
Add the second router and name it Router2. Configure it in the same manner as Router1. Connect the web server via a switch to Router1 and Router2. Connect it via a switch to the fastethernet ports on the two routers.. Connect Router2 to the second distribution switch.
1. Access the web server from all PCs? [Y/N] ________ 2. If DistSW1 fails, can all PCs still access the Internet. [Y/N] _____
NB. Default gateway of web server may need changing. Save and print the port status for the surviving Distribution switch. 3. If Router1 fails, can all PCs still access the Internet. [Y/N] _____ NB. Default gateway of web server may need changing.
95354489.doc
Page 16 / 16