Sunday, 15 February 2015




Final project

·         Topology Diagram




Figure: Topology 

·         Addressing Table

Device
Interface
Ip address
Subnet mask
Default gatway
Sana’a
Fa 0/0.10
Fa 0/0.20
S0/0/0
S0/0/1.102
S0/0/1.103
192.168.1.65
192.168.1.81
64.1.1.1
10.1.1.1
10.2.2.1
255.255.255.240
255.255.255.248
255.255.255.252
255.255.255.252
255.255.255.252

ISP
S0/0/0
Fa0/0
64.1.1.2
172.16.1.1
255.255.255.252
255.255.255.0

Aden
Fa0/0
S0/0/0.201
192.168.1.1
10.1.1.2
255.255.255.224
255.255.255.252

Taiz
Fa0/0
S0/0/0.301
192.168.1.33
10.2.2.2
255.255.255.224
255.255.255.252

Web
NIC
127.16.1.10
255.255.255.0
127.16.1.1
FTP
NIC
192.168.1.20
255.255.255.224
192.168.1.1

Table 3.5: Addressing Table

·         Initial port assignments (switches access1 and access2)

Ports
Assignments
Networks
Fa0/1-6
Vlan 10 (IT)
192.168.1.64/28
Fa0/7-9
Vlan 20 (sales)
192.168.1.80/29
Fa0/24,23,22
Trunk 802.aq

Table 3.6: port assignments

Task 1: prepare the network
Step1: cable a network
Task2: perform basic router configuration
Configure the sana’a, aden , taiz, isp according to the following guidelines:
o   Hostname
o   Configure   a message-of- the-day banner
o   Configure   a password of sabafon123 for console connections
o   Configure   a password of sabafon123 for vty connection
o   Task3: perform switch configuration
Step1: create vlans on access1 and access2.
Step2: assign switch ports to vlans on access1 and access 2.
Step3 : configure trunk.
Step4: configure intervlan routing .
Step5: configure Ethernet channel.

Task4 : perform wan configuration
Step1: configure (point-to-point) frame relay between Sana’a ,Taiz and Sana’a Aden.
               
Task5: perform ip routing configuration
Step1: configure default static routing though s0/0/0 interface
Step2: configure EIGRP between Sana’a,Aden and Taiz

Task6: perform DHCP configurations
Step1: create four pools for
o   IT vlan (192.168.1.64/28)
o   Sales vlan (192.168.1.80/29)
o   Aden users (192.168.1.0/27)
o   Taiz users (192.168.1.32/27)

Task7: perform NAT configuration
Step1: configure PAT on sana’a
Task8: perform ACL configurations
Step 1: on router Sana’a deny IT users from accessing the ftp server using extended ACL.
Step2: on router Sana’a deny sales users from accessing web server using extended ACL .
·         Sanaa router configurations

version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname sanaa
!
!
!
enable secret 5 $1$mERr$T62Fjzlp2XPRv5StN6Ke60
enable password sabafon123
!
!
!
ip dhcp pool IT
 network 192.168.1.64 255.255.255.240
 default-router 192.168.1.65
ip dhcp pool sales
 network 192.168.1.80 255.255.255.248
 default-router 192.168.1.81
!
!
!
username isp password 0 123
username sanaa password 0 123
!
!
!
!
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
 no ip address
 ip access-group 120 in
 ip nat inside
 duplex auto
 speed auto
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.1.65 255.255.255.240
 ip access-group 110 in
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.1.81 255.255.255.248
 ip access-group 130 in
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 64.1.1.1 255.255.255.252
 encapsulation ppp
 ppp authentication chap
 ip nat outside
!
interface Serial0/0/1
 no ip address
 encapsulation frame-relay
!
interface Serial0/0/1.102 point-to-point
 ip address 10.1.1.1 255.255.255.252
 frame-relay interface-dlci 102
!
interface Serial0/0/1.103 point-to-point
 ip address 10.2.2.1 255.255.255.252
 frame-relay interface-dlci 103
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 20
 network 192.168.0.0 0.0.255.255
 network 10.2.2.0 0.0.0.255
 network 10.1.1.0 0.0.0.3
 network 192.168.1.0
 no auto-summary
!
ip nat inside source list 10 interface Serial0/0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
!
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 130 deny tcp 192.168.1.0 0.0.0.255 host 64.1.1.2 eq www
access-list 130 permit ip any any
access-list 110 deny tcp 192.168.1.0 0.0.0.255 host 192.168.1.20 eq ftp
access-list 110 permit ip any any
!
banner motd ^C only authorized users can access ^C
!
!
!
!
line con 0
 password sabafon123
 login
!
line aux 0
!
line vty 0 4
 password sabafon123
 login
!
!
!
end
·         ISP  router configurations

version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname isp
!
!
!
enable secret 5 $1$mERr$T62Fjzlp2XPRv5StN6Ke60
enable password sabafon123
!
!
!
!
!
!
username isp password 0 123
username sanaa password 0 123
!
!
!
!
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
 ip address 172.16.1.1 255.255.255.0
 ip nat inside
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 ip address 64.1.1.2 255.255.255.252
 encapsulation ppp
 ppp authentication chap
 ip nat outside
 clock rate 64000
!
interface Serial0/0/1
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
ip nat inside source static 172.168.1.10 64.1.1.2
ip nat inside source static 172.16.1.10 64.1.1.2
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
!
!
!
banner motd ^C only authorized users can access ^C
!
!
!
!
line con 0
 password sabafon123
 login
!
line aux 0
!
line vty 0 4
 password sabafon123
 login
!
!
!
End





·         Aden  router configurations
version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname aden
!
!
!
enable secret 5 $1$mERr$T62Fjzlp2XPRv5StN6Ke60
enable password sabafon123
!
!
!
ip dhcp pool aden
 network 192.168.1.0 255.255.255.224
 default-router 192.168.1.1
!
!
!
!
!
!
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.224
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0/0.201 point-to-point
 ip address 10.1.1.2 255.255.255.252
 frame-relay interface-dlci 201
!
interface Serial0/0/1
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 20
 network 192.168.1.0 0.0.0.31
 network 10.1.1.0 0.0.0.3
 network 10.2.2.0 0.0.0.3
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0.201
!
!
!
banner motd ^C only authorized users can access ^C
!
!
!
!
line con 0
 password sabafon123
 login
!
line aux 0
!
line vty 0 4
 password sabafon123
 login
!
!
!
end

·         Taiz  router configurations

version 12.4
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname taiz
!
!
!
enable secret 5 $1$mERr$T62Fjzlp2XPRv5StN6Ke60
enable password sabafon123
!
!
!
ip dhcp pool taiz
 network 192.168.1.32 255.255.255.224
 default-router 192.168.1.33
!
!
!
!
!
!
!
no ip domain-lookup
!
!
spanning-tree mode pvst
!
!
!
!
interface FastEthernet0/0
 ip address 192.168.1.33 255.255.255.224
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0/0.301 point-to-point
 ip address 10.2.2.2 255.255.255.252
 frame-relay interface-dlci 301
!
interface Serial0/0/1
 no ip address
 shutdown
!
interface Vlan1
 no ip address
 shutdown
!
router eigrp 20
 network 10.2.2.0 0.0.0.3
 network 192.168.1.32 0.0.0.31
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0/0
ip route 0.0.0.0 0.0.0.0 Serial0/0/0.301
!
!
!
banner motd ^C only authorized users can access ^C
!
!
!
!
line con 0
 password sabafon123
 login
!
line aux 0
!
line vty 0 4
 password sabafon123
 login
!
!
!
end

·         Access1 (Switch) configurations

Switch>en
Switch#conf
Configuring from terminal, memory, or network
[terminal]?
Enter configuration commands, one per line.  End with
CNTL/Z.
Switch(config)#ho
Switch(config)#hostname access1          
access1(config)#vlan 10
access1(config-vlan)#name IT
access1(config-vlan)#vlan 20
access1(config-vlan)#name sales
access1(config-vlan)#exit
access1(config)#int range f0/1-6
access1(config-if-range)#sw
access1(config-if-range)#switchport mo
access1(config-if-range)#switchport mode acc
access1(config-if-range)#switchport mode access
access1(config-if-range)#switchport access vlan 10
access1(config-if-range)#exit
access1(config)#int range f0/7-9
access1(config-if-range)#sw
access1(config-if-range)#switchport mode access
access1(config-if-range)#switchport access vlan 20
access1(config-if-range)#exit
access1(config)#end
access1#
%SYS-5-CONFIG_I: Configured from console by console

access1#show vlan b

VLAN Name                             Status    Ports
---- -------------------------------- ---------
-------------------------------
1    default                          active    Fa0/10,
Fa0/11, Fa0/12, Fa0/13
                                                Fa0/14,
Fa0/15, Fa0/16, Fa0/17
                                                Fa0/18,
Fa0/19, Fa0/20, Fa0/21
                                                Fa0/22,
Fa0/23, Fa0/24
10   IT                               active    Fa0/1,
Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5,
Fa0/6
20   sales                            active    Fa0/7,
Fa0/8, Fa0/9
1002 fddi-default                     active   
1003 token-ring-default               active   
1004 fddinet-default                  active   
1005 trnet-default                    active   
access1#


·         Access2 (Switch) configurations same as access1 except hostname and for the trunk is as down

access2(config)#int range f0/23-24
access2(config-if-range)#switchport mode trunk
access2(config-if-range)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/23, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/23, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/24, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/24, changed state to up

access2(config-if-range)#channel-group 1 mode active
access2(config-if-range)#
Creating a port-channel interface Port-channel 1

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/23, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/23, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/24, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet0/24, changed state to up
access2(config-if)#exit
access2(config)#int port-channel 1
access2(config-if)#switchport mode trunk
access2(config-if)#end

access1#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate
aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 1
Number of aggregators:           1

Group  Port-channel  Protocol    Ports
------+-------------+-----------
+----------------------------------------------

1      Po1(SU)           LACP   Fa0/23(P) Fa0/24(P)









Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)