Get Instant Help From 5000+ Experts For
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
myassignmenthelp.com
loader
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote
wave
Project 1: Cisco Enterprise Switching and Routing

Instructions

1. Why do you need to configure 0.0.0.1 for R1 and 0.0.0.2 for R2 when setting the router ids for OSPF?


2. What happens if you include the R2 Lo0 network in the OSPF process?


3. What is the purpose of using NAT on R1 instead of R2?


4. Why is TFTP used to backup and restore configurations as opposed to FTP or SSH?


5. Why is it a good idea to backup the running configuration and not the stored configuration on the routers and switches?

Another Moscovium Network Consulting project has come your way. This project will require you to configure six devices in a small-medium network. Specifically, you must configure two routers, two switches, and two PCs. You will also have to implement secure management, Single-Area OSPFv2 routing, Network Address Translation, and some access-control lists. Finally, you will implement a TFTP backup process for the device configurations.

Part 1: Initialize, Reload and Configure Basic Device Settings

Part 2: Configure and Single Area OSPFv2

Part 3: Optimize Single Area OSPFv2

Part 4: Configure Access Control, NAT, and perform configuration backup

Pacet Tracer Required Resources

  • 2 Cisco 4321 Routers
  • 2 Cisco 2960 Switches
  • 2 PCs

Device

Interface

IP Address

Subnet Mask

Default Gateway

R1

G0/0/0

10.67.254.2

255.255.255.252

N/A

R1

G0/0/1

192.168.1.1

255.255.255.0

N/A

R1

Lo0

10.52.0.1

255.255.255.248

N/A

R2

G0/0/0

10.67.254.1

255.255.255.252

N/A

 

G0/0/1

10.67.1.1

255.255.255.0

N/A

 

Lo0

209.165.201.1

255.255.255.224

N/A

S1

VLAN 1

192.168.1.2

255.255.255.0

192.168.1.1

S2

VLAN 1

10.67.1.2

255.255.255.0

10.67.1.1

Step 1: Initialize and reload routers and switches.
  • Erase the startup configurations and VLANs from the router and switch and reload the devices.
  • Before proceeding, ask your instructor verify device initializations.
Step 2: Configure the routers.

Configuration tasks for R1 and R2 include the following:

Task

Specification

Disable DNS lookup

Router name

R1 or R2, as appropriate

Domain name

ccna-lab.com

Encrypted privileged EXEC password

ciscoenpass

Console access password

ciscoconpass

Set the minimum length for passwords

10 characters

Create an administrative user in the local database

Username: admin

Password: admin1pass

Set login on VTY lines to use local database

Set VTY lines to accept SSH connections only

Encrypt the clear text passwords

Configure an MOTD Banner

Configure interface G0/0/1

Set the description

Set the Layer 3 IPv4 address

Activate Interface

Configure interface G0/0/0

Set the description

Set the Layer 3 IPv4 address

Activate Interface

Configure interface Lo0

Configure IPv4 address

Generate an RSA crypto key

1024 bits modulus

Step 3: Configure S1 and S2.

Configuration tasks for the switches include the following:

Task

Specification

Disable DNS lookup

Switch name

S1 or S2, as appropriate

Domain name

ccna-lab.com

Encrypted privileged EXEC password

ciscoenpass

Console access password

ciscoconpass

Shutdown all unused interfaces

Create an administrative user in the local database

Username: admin

Password: admin1pass

Set login on VTY lines to use local database

Set VTY lines to accept SSH connections only

Encrypt the clear text passwords

Configure an MOTD Banner

Generate an RSA crypto key

1024 bits modulus

Configure Management Interface (SVI) for VLAN 1 (the Management VLAN)

Set the Layer 3 IPv4 address

Configure Default Gateway

Configuration tasks for R1 and R2 include the following:

Task

Specification

Configure the OSPF routing process

Use process id 1

Manually configure the router id

Use 0.0.0.1 for R1 and 0.0.0.2 for R2

Configure network statements

Configure a network statement for each locally attached network using a wild card mask that matches each network’s subnet mask

Note: R2 Lo0 network should not be included in the OSPF process.

Step 1: Configure R1.

Configuration Tasks for R1 include the following:

Task

Specification

Configure passive interfaces

Configure all interfaces that are not directly connected to an OSPF neighbor to be passive

Configure the reference bandwidth

Adjust the reference bandwidth to 1 Gigabit

Configure Loopback 0 to report the mask it is configured with instead of a host mask

Configure Loopback0 as a point-to-point network for OSPF

Tune the timers for your network

Configure the hello time for 30 seconds


Step 2: Configure R2.

Configuration tasks for R2 include the following:

Task

Specification

Configure passive interfaces

Configure all interfaces that are not directly connected to an OSPF neighbor to be passive

Configure the reference bandwidth

Adjust the reference bandwidth to 1 Gigabit

Provide default routing for the OSPF domain

Configure a static default route with loopback 0 as the exit interface, then share the default information with other OSPF speakers

Tune the timers for your network

Configure the hello time for 30 seconds

Tune the DR/BDR election to favor R2

Set the OSPF priority for R2 to a value of 50

Step 1: Configure host computers.

Configure the host computers PC-A and PC-B with IPv4 addresses. (4 points)

Description

PC-A

PC-B

IP Address

192.168.1.50

10.67.1.50

Subnet Mask

255.255.255.0

255.255.255.0

Default Gateway

192.168.1.1

10.67.1.1

After configuring each host computer, perform the following tests: (4 points)

Source

Target

Protocol

Expected Result

PC-A

PC-B

Ping

Success

PC-A

https://209.165.201.1

HTTPS

Success

PC-A

209.165.201.1

SSH

Success

PC-B

209.165.201.1

SSH

Success

If you get different results, troubleshoot your OSPF and host configurations.

Note: If you are unable to access 209.165.201.1 via https, enter ip http secure-server at R2 CLI. R2(config)# ip http secure-server

Step 2: Configure Access Control on R2.

Create and apply an access control list on R2 named R2-SECURITY to do the following:

Task

Specification

Create an access control list

R2-SECURITY

Control HTTP and HTTPS traffic

Only hosts from the 10.0.0.0/8 network are allowed to reach the web server at 209.165.201.1

Control SSH traffic

SSH is not allowed to the address 209.165.201.1

Permit traffic

All other traffic, regardless of protocol, is allowed

Apply the ACL

Filter traffic originating from R1

After configuring and applying the ACL, perform the following tests: (2 points)

Source

Target

Protocol

Expected Result

PC-A

PC-B

Ping

Success

PC-A

https://209.165.201.1

HTTPS

Failure

PC-A

209.165.201.1

SSH

Failure

PC-B

209.165.201.1

SSH

Success

If you get different results, double check your ACL configuration and application.

Step 3: Configure NAT.

The decision has been made that the entire organization should be using addresses in the 10.0.0.0/8 network space. R1’s LAN is out of compliance. There are applications and services running in the R1 LAN that cannot have their IP address changed without the entire system being rebuilt, so NAT is in order. Here are the configuration tasks at R1:

Task

Specification

Remove 192.168.1.0/24 from OSPF

Remove the appropriate network statement at R1

Create an ACL to identify hosts allowed to be translated

Create an ACL that matches the 192.168.1.0 network

Configure Port Address Translation on the outside interface of R1

Configure the NAT association between the ACL and the interface g0/0/0 so that it uses port address translation

Identify the interfaces involved in NAT

Specify inside or outside on the appropriate interfaces

Step 4: Backup all device configurations.

Task

Specification

Using the TFTP server on PC-B, backup the running configuration of all of your devices to PC-B using the TFTP protocol


Part 5: Cleanup

support
Whatsapp
callback
sales
sales chat
Whatsapp
callback
sales chat
close