Cisco Networking—WAN Implementation with
SOHO Configuration (Parts 1-3)
Overview
–
Along with the challenges presented in this document, you will
be provided an overall site topology to work from, as well as specific device
configurations (where applicable) to make your recommendations.
Suggested solutions should be comprehensive and justified in
approach. Configurations of technologies should be written out to help guide
the systems administrators with implementation. In some cases, you may find it
necessary to implement additional cabling, which can be done by adding to the
supplied topology. Any adjustments to the sites’ topology that you find
necessary should be documented and supplied with your submission.
Your document will be divided up by site and solutions per site.
Each area is unique in requirements but collectively will demonstrate your
understanding of network routing and switching technologies. Each scenario will
provide you with suggested sections within TestOut (LabSim) to use as a guide
in your analysis and recommendations.
You can use thistemplate as a guide on how
to format your project. Be sure to cite your external sources using theIEEE citation style. To
learn how you will be assessed on this assignment, please take a moment to
review therubric.
Existing
VLANs
–
Remote locations vary in terms of size and requirements. Some
implementations will require current site router/switch-running configurations,
which will be provided. All sites will use the following four VLANs, but you
will need to configure only what is asked per site (some assumptions will be
made).
· Existing
VLANs, per xACME:
o Faculty
VLAN
§ used
by faculty on-site for all office locations (non-instructional communications)
§ total
devices per site will vary
o Administrative
VLAN
§ used
by staff on-site for business administrative communications
§ total
devices per site will vary
o Academic
VLAN
§ used
by faculty and students for classroom labs and instructional communications
§ total
devices per site will vary
o Server
VLAN
§ used
by IT staff for all technology/management communications
§ total
devices per site will vary
The types of devices per site will be the same; however, the
number of deployed devices may vary (all documented in the xAcme educational
topology).
Routers Per Site:
|
Cisco 2800 Series Integrated Services |
||
|
Interfaces |
4 Fast Ethernet Interfaces (Per Router) |
2 Serial Interfaces (Per Router) |
|
fa0/0 |
s0/0/0 |
|
|
fa0/1 |
s0/0/1 |
|
|
fa1/0 |
||
|
fa1/1 |
Switches Per Site:
|
Cisco Catalyst 6500 Series |
|
|
Ports |
96 Total Gigabit Ethernet Ports Per Switch |
|
Module |
|
|
Module |
|
|
Module |
|
|
Module |
Note:Device
type will not impact your configuration commands and implementation of ALL
required technologies will use Cisco IOS commands/concepts learned in our
TestOut lecture(s). Standard switchports will be configured and used as trunk
OR access ports, and DCE ends should be noted when configuring serial ports per
router.
Clickhere to download the
configuration file for all of the devices. Note: one of the files in the zip
file is a PacketTracer file. You can open it using the Packet Tracer program
that you can download fromhere. The use of Packet Tracer is
optional.
Springfield
Site Device and STP Configurations (Focus on the Springfield Site Only)
–
Required Implementation: Device
hostnames, banners, secured passwords and spanning tree protocol.
· Device
Configurations:Implement device hostnames to
match the xACME educational topology labels. Provide a template and sample
configuration for the MOTD banner and login banner (wording and implementation)
for one of the switches. Keep this generic, as it will be implemented on allswitches in
the xACME educational topology. Lastly, include the configuration steps for
implementing device passwords on both console port (out-of-band communications)
and VTY (Telnet/in-band communications). All passwords should be encrypted.
· Spanning
Tree Protocol (STP):Briefly explain the
advantages and purpose of the STP. Administrators are having a difficult time
placing switch 1 as the root. Provide a sample configuration for implementing
SPT on the switches. Choose the mode you feel would be best suited for the
environment and justify why. Switch 1 will need to be the root switch in the
Springfield topology. Consider any security measures that can be implemented to
protect the devices from bogus BPDUs.
Note:When
approaching the spanning tree challenge,do
notconcern yourself with the multiple VLANs at
this time. Focus simply on the default VLAN1, which is the active VLAN that all
ports belong to in this topology at this time.
· Please
refer to the following configurations:
o SpringfieldSw1
o SpringfieldSw2
o SpringfieldSw3
o SpringfieldSw4
Worchester
Site Device and STP Configurations (Focus on the Worchester Site Only)
–
Required Implementation: Subnet
addressing to accommodate Worchester site
Subnetting:Properly
subnet addressing blocks to accommodate the site’s VLAN sizes. You will not need to
implement VLANs here; rather, you will create the correct sizing to properly
accommodate the devices stated per the xACME educational topology. Carefully
consider the challenges faced when structuring subnets too large and/or too
small during your design. The starting Worchester site addressing range is
10.20.0.0 /16 (per the xACME educational topology diagram). Formatting per
subnet should follow the format below and should be clearly stated and placed
within a table.
· NetID
· mask/CIDR
values
· broadcast
· usable
range
· No
additional device configurations required to complete
Boston
Site Routing Protocol, Route Summarization and Topology Improvements (Focus on
the Boston Site Only)
–
Required Implementation: Implement
a routing protocol to manage networks within the Boston site topology as well
as default routes to exit non-Boston traffic. Summarization addresses should be
stated per router in Boston’s topology. Consider redundancy upgrades as well
and document per topology.
· Routing
Protocol:Research the different routing
protocol types (distance vector/link state/hybrid) and choose a routing
protocol implement (OSPF, EIGRP, RIP). Justify your selection by defining its
strengths and weaknesses. Define the proper addressing block to assign per
point-to-point links and implement your solution per all three routers. Routing
protocol should be set up in a way to advertise all IP subnets, WAN, and LAN
interfaces on a router. Be sure to protect the advertisements of the routing
tables as well.
· Summarization:Define
the route summarization addresses for each Boston site router. These addresses
will not be implemented on the routers, but they will be documented in your
response. Each summarization address must be large enough to include all
required subnets contained within the underlying site subnets.
· Default
Route:Any traffic not matching internal networks
will need to be routed outward. Implement default routes on the site routers to
exit this traffic.
· Topology:Consider
the potential challenges with the current Boston site topology (cabling and
redundancy approach). If improvements are needed, update the topology and
discuss and routing redundancy approaches you see fit.
· Please
refer to the following configurations:
o BostonSiteRouter1
o BostonSiteRouter2
o BostonSiteRouter3
Sacramento
Site VLAN, Routing on a Stick (ROS) and DHCP Implementation (Focus on the Sacramento
Site Only)
–
Required Implementation: VLANs,
ROS, and DHCP implementation
· VLANs:Implement
the VLAN database on the Sacramento site switches. Explain the assignment of
switchport modes and how to implement each. Demonstrate how to implement port
security on the switchports to allow only two MAC addresses per port and
shutdowns for violations. Additionally, consider proper security management of
any unused ports.
o Provide
the VLAN IDs, ports with matching switchport modes, and sample configuration of
port security and port management steps.
· ROS:The
site will be treated as a routing on a stick (ROS) topology. Provide a sample
configuration for Sacramento fa0/0 interface to support the multiple VLANs and
inter-VLAN routing.
o To
simplify configuration, please use the following addressing:
§ faculty
VLAN: 10.50.0.0 /26
§ administrative
VLAN: 10.50.0.64 /26
§ instructional
VLAN: 10.50.0.128 /26
§ server
VLAN: 10.50.0.192 /26
· DHCP:The
site will need a solution to manage the deployment of IP addresses. Briefly
explain the purpose of DHCP and provide implementation of the DHCP
configuration for the VLANs. Be sure to include the pool name, exclude the last
10 addresses of each subnet range and configure the gateway, subnet mask, and
DNS address (Sacramento fa0/0 address).
· Please
refer to the following configurations:
o SacramentoSw1
o SacramentoSw2
o SacramentoSw3
o SacramentoRouter
Los
Angeles Site Management Technologies (Focus on the Los Angeles Site Only)
–
Required Implementation: Device
configuration remote storage, remote management of switches, ACL
implementation, and an NTP solution.
· Remote
IOS Storage:The site will require remote
storage of the devices’ configurations. Server details are provided per your
topology. You will determine the protocol to use and demonstrate how to
implement the solution.
· Remote
Management of Switches: All devices will be
configured to allow for remote management. You will be required to implement
this solution on the switches found on the site.
· ACL
Implementation:In order to restrict and
protect access to the devices, the only VLAN allowed to communicate remotely
with the devices should belong to the server VLAN. Determine the type of ACL to
implement and the placement of the list, and implement the solution on the site
router.
· Network
Time Protocol:Implement an NTP solution on
the devices found within this topology to ensure clock synchronization is
accomplished. The purpose would be for accurate logging records and
authentication protocols. Server details are provided per your topology.
· Please
refer to the following configurations:
o LosAngelesSw1
o LosAngelesSw2
o LosAngelesSw3
o LosAngelesRouter
xACME
WAN – WAN Implementation and Secure Communications (Focus on All Site Entry
Point Routers)
–
Required Implementation: WAN
Implementation, device authentication, and topology suggestions.
· WAN
Implementation:Current WAN links are
serial-based and connected over leased lines that are using the Cisco default
protocol for layer 2 connectivity. Authentication is not present at this time,
but the added security would be preferred. Research the available WAN protocols
and suggest a solution to provide authentication between devices. Implement
basic routing protocol authentication. Provide a sample implementation over
serial links for your systems administrator to follow. Included in this task
are device configurations for the current implementation.
· Topology:Currently,
the Los Angeles and Boston sites are connected across leased lines, and each
remains as the entry point to its respective regional locations. There is
growing concern over the amount of traffic both devices are handling. Review
the xAMCE educational topology and make recommendations to provide some
redundancy among sites, as well as to alleviate some of the bandwidth
requirements placed on both devices. This may require additional lines to be leased.
With your suggested improvements, update the topology as you see fit.
Note:Additional
addressing is available if needed. Simply create the additional ranges from the
provided available xACME public address range, 165.128.63.0 /26.
· Please
refer to the following configurations:
o BostonSiteRouter1
o WorchesterRouter
o SpringfieldRouter
o SacramentoRouter
o LosAngelesRouter
