Xin chào ! Nếu đây là lần đầu tiên bạn đến với diễn đàn, xin vui lòng danh ra một phút bấm vào đây để đăng kí và tham gia thảo luận cùng VnPro.

Announcement

Collapse
No announcement yet.

Giúp em bài này với :D

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Giúp em bài này với :D

    Bài nó đây: http://www.mediafire.com/?5q55y5r4v8j0e85
    Click image for larger version

Name:	Capture.JPG
Views:	1
Size:	64.5 KB
ID:	208736
    Click image for larger version

Name:	2222.JPG
Views:	1
Size:	63.7 KB
ID:	208737
    Section 1: Switch Configurations (20 points)
    1. Initial configuration for Switch1, Switch2, switch3 and Switch4, including: host name and configure for remote access to devices use SSH protocol; disable DNS lookup and enable logging synchronous.
    2. Enabling trunk port on switches if needed.

    Note: Native VLAN is vlan for management. Information about native vlan is listed bellow.
    1. Creating VTP domain called CCAIAug2012 and password is Cisco on the Switch1, Switch2 and Switch3.
      • Switch1 is configured as VTP server.
      • Switch2 is configured as VTP server.
      • Switch3 is configured as VTP client.

    2. Creating VLANs as following on the Switch1, Switch2 and Switch3:

    · VLAN between HQ and Remote1 is named VLAN_HQ1.
    · VLAN for Server1 is named VLAN_Server.
    · VLAN for PC clients are named VLAN1, VLAN2 and VLAN3. PC1 is PC client of VLAN1, PC2 is PC client of VLAN2 and PC3 is PC client of VLAN3.
    · VLAN for management is named VLAN_Management
    Note: Candidate need to ensure that all ports of switches are assigned for VLANs properly.
    1. Configuring PVST+ on the Switch1, Switch2 and Switch3 with the following information:
      • Switch1 is root bridge for, VLAN1 and VLAN2.
      • Switch2 is root bridge for VLAN3 and VLAN_Server.
      • Switch3 is root bridge for VLAN_Management and VLAN_HQ1.

    Section 2: Router Configuration (25 points)
    1. Initial configuration for all routers, including: host name and configure for remote access to devices use SSH protocol; disable DNS lookup and enable logging synchronous.
    2. Configuring Cloud0 as a Frame Relay switch to link HQ, Remote1 and Remote2.
    a. Configuration one point-to-point PVC link HQ and Router1 via Frame Relay Switch Cloud0. The Frame Relay switch should use ANSI LMI
    b. Configuration one point-to-point PVC link HQ and Router2 via Frame Relay Switch Cloud0. The Frame Relay switch should use ANSI LMI
    3. Configure one point-to-point link between HQ and ISP router using PPP protocol. ISP router requires authentication PAP with username POD-128 and password CISCO.
    Note: ISP router with configured PPP link on the serial interface does not provide the authentication with any Routers.
    Section 3: Subneting and routing protocol configuration (30 points)
    The addressing for the Network has the following requirements.
    1. The 10.10.128.0/19 network must be subnetted to provide addresses for the LANs: LAN1, LAN2, LAN3, LAN_Management, LAN_Server, LAN_HQ1, serial links between routers HQ and Remote1 and serial links between routers HQ and Remote2.

    o The LAN of Remote2 will require 149 addresses.
    o The VLAN1 LAN will require 100 addresses
    • The VLAN2 LAN will require 470 addresses
    • The VLAN3 LAN will require 590 addresses
    • The VLAN_Management LAN will require 50 addresses
    • The VLAN_Server LAN will require 15 addresses
    • The VLAN_HQ1 LAN will require 19 addresses

    (Note: The interface router HQ use the first host address and the interface router Remote1 use the third host address to connect to this subnet)
    • The link between the router HQ and Remote1 will require two addresses for each link. (WAN 1)
    • The link between the router HQ and Remote2 will require two addresses for each link. (WAN 2)
    • Configuring Switch1, Switch2 and Switch3 with ip address and default gateway and that is on the VLAN_Management vlan for managing the devices.
    • The VLAN1, VLAN2 and VLAN3 use the gateway Remote1; the VLAN_Server and VLAN_Management uses gateway HQ.
    • Configure HQ as DHCP server for VLAN_1, VLAN_2 and VLAN_3.
    • Configuring IP addresses correctly for all device connections.
    • Configuring default route on the HQ to the Internet.
    • Configuring OSPF routing protocol for HQ (inside link only), Remote1 and Remote2. Use dynamic routing protocol to propagate the default route.
    • To extend the connection to the wireless devices, configure WRT300N with SSID: Guest; configure security use WPA2 with pre-share key: pronet.

    Note: The wireless router WRT300N connect to the Switch1 using port Internet and connect to port of Switch4.
    1. Configure port security on the Switch4 for 1 MAC address of the router wireless WRT300N can access LAN.


    Section 4: NAT and ACLs (25 points)
    1. Configuring NAT overload on HQ to allow all users from the internal networks to access to the Internet.
    2. Configure Static NAT to allow users from the Internet can access the internal Server with public IP address 100.100.128.1/27
    3. Configure and apply ACLs that meet the following requirements for the Server1:
    · Users from the Internet can access to internal Server with HTTP only.
    · Users from all local LANs can access to internal Server with HTTP and FTP only.
    · Internal Server can use ICMP to test traffic to all other but the others cannot use ICMP to test traffic to the Server1.
    · All traffic not listed above is not allowed to access the internal Server1.
    Last edited by tu310; 23-03-2013, 12:17 PM.
Working...
X