Detailed Configuration of Sacramento VLANs with Security Features

Added on  2019/09/25

Practical Assignment
AI Summary
This assignment details the configuration of VLANs for a Sacramento network, focusing on network segmentation, security, and remote access. It covers the setup of multiple VLANs (Network Management, Staff, Admin) with specific subnets and security configurations, including port security. The solution demonstrates router-on-a-stick configuration for inter-VLAN routing, DHCP server setup for dynamic IP address assignment, and the implementation of PPP authentication (PAP and CHAP) for secure point-to-point connections between Sacramento and Los Angeles sites. The configuration includes router commands for VLAN interfaces, DHCP pools, and PPP authentication settings, ensuring secure remote management and data transmission. The Los Angeles site's device and network configuration are also included.
Sacramento
VLANs: We need to configure VLANs with security for the end devices. The VLANs and their
subnets are listed below.
VLAN      Subnet       Subnet mask      First valid IP   Last valid IP   Assign to
VLAN 1    10.11.1.0    255.255.255.0    10.11.1.1        10.11.1.1       Network Management
VLAN 10   10.11.10.0   255.255.255.0    10.11.10.1       10.11.10.1      Staff
VLAN 11   10.11.11.0   255.255.255.0    10.11.11.1       10.11.11.1      Admin
VLAN 12   10.11.12.0   255.255.255.0    10.11.12.1       10.11.12.1      Server
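Sample configuration for each end-device port:
interface gi0/1
switchport mode access
switchport port-security
! learn the attached device's MAC address and keep it in the running configuration
switchport port-security mac-address sticky
! put the port into the err-disabled state when a different MAC address appears
switchport port-security violation shutdown
The command show port-security address displays the secure MAC addresses recorded for each
port, which confirms that the port-security settings are in effect.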
ROS: Router on a Stick
The gateway for every VLAN subnet is configured on the router.
SR(config)#int fastEthernet 0/0.1
SR(config-subif)#encapsulation dot1Q 1
SR(config-subif)#ip address 10.11.1.1 255.255.255.0
SR(config-subif)#exit
SR(config)#int fastEthernet 0/0.10
SR(config-subif)#encapsulation dot1Q 10
SR(config-subif)#ip address 10.11.10.1 255.255.255.0
SR(config-subif)#exit
SR(config)#int fastEthernet 0/0.11
SR(config-subif)#encapsulation dot1Q 11
SR(config-subif)#ip address 10.11.11.1 255.255.255.0
SR(config-subif)#exit
SR(config)#int fastEthernet 0/0.12
SR(config-subif)#encapsulation dot1Q 12
SR(config-subif)#ip address 10.11.12.1 255.255.255.0
SR(config-subif)#exit
DHCP is used to dynamically assign IP addresses to the hosts on the VLAN.
SR(config)#ip name-server 10.11.12.10
SR(config)#ip dhcp excluded-address 10.11.10.1 10.11.10.30
SR(config)#ip dhcp pool VLAN10
SR(dhcp-config)#network 10.11.10.0 255.255.255.0
SR(dhcp-config)#default-router 10.11.10.1
SR(dhcp-config)#dns-server 10.11.12.11
Los Angeles Site Management
The Los Angeles site can be managed remotely from other sites via SSH/HTTPS.
Network devices, server devices, end-user devices, etc. can all be managed this way, so
Los Angeles management can be done remotely.
Staff VLAN = 25 devices
Admin VLAN = 40 devices
Instructional VLAN = 120 devices
Server VLAN = 21 devices
xACME
A dedicated point-to-point leased line connects the two sites. The protocols most often used
on such a line are HDLC (High-Level Data Link Control) and PPP (Point-to-Point Protocol).
Point-to-Point Protocol (PPP) is used on serial connections between two routers. PPP is designed
to allow the use of network protocols over the link and also supports two types of
authentication: CHAP (Challenge Handshake Authentication Protocol) and PAP (Password
Authentication Protocol). Network Control Protocol (NCP) provides the encapsulation of multiple
network layer protocols across the PPP data link.
Sacramento Router
SR#config t
SR(config)#username RO password orbit
SR(config)#interface se0/0/0
SR(config-if)#encapsulation ppp
SR(config-if)#ppp authentication PAP
SR(config-if)#ppp pap sent-username HQ password orbit
SR(config-if)#end
Los Angeles Router
LAR#config t
LAR(config)#username HQ password orbit
LAR(config)#interface se0/0/0
LAR(config-if)#encapsulation ppp
LAR(config-if)#ppp authentication PAP
LAR(config-if)#ppp pap sent-username RO password orbit
LAR(config-if)#end
CHAP (Challenge Handshake Authentication Protocol)
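hostname SR
! CHAP looks up the peer by its hostname, so this username is the remote router's name
username LAR password 0 cisco
interface fa0/23
ip address 165.128.63.2 255.255.255.192
encapsulation ppp
ppp authentication chap
! autoselect and login are line-configuration commands
autoselect ppp
login local
login
end
hostname LAR
! matching entry for SR; the password must be identical on both routers
username SR password 0 cisco
interface fa0/24
! 10.255.255.252 is the network address of this /30; IOS expects a host address here
ip address 10.255.255.252 255.255.255.252
encapsulation ppp
ppp authentication chap
! autoselect and login are line-configuration commands
autoselect ppp
login local
login
end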
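
The difference between the PAP and CHAP configurations above is visible in the bytes each method puts on the link. The following Python sketch is an added example, not part of the original assignment: it builds a PAP Authenticate-Request (RFC 1334) and a CHAP Challenge/Response (RFC 1994) from the usernames and passwords used above. The function names and the challenge values are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

def pap_request(ident, peer_id, password):
    """PAP Authenticate-Request: code 1, id, length, then peer ID and password in cleartext."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def chap_challenge(ident, name, value=None):
    """CHAP Challenge: code 1, id, length, value size, random value, sender's name."""
    value = os.urandom(16) if value is None else value
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", 1, ident, 4 + len(data)) + data

def _digest(challenge, secret):
    # RFC 1994: MD5 over identifier, shared secret, challenge value
    ident = challenge[1]
    value = challenge[5:5 + challenge[4]]
    return hashlib.md5(bytes([ident]) + secret + value).digest()

def chap_response(challenge, secret, name):
    """CHAP Response: code 2, same id, the digest, responder's name. The secret is never sent."""
    digest = _digest(challenge, secret)
    data = bytes([len(digest)]) + digest + name
    return struct.pack("!BBH", 2, challenge[1], 4 + len(data)) + data

def chap_verify(challenge, response, secret):
    """Authenticator recomputes the digest from its own copy of the secret."""
    if response[0] != 2 or response[1] != challenge[1]:
        return False
    got = response[5:5 + response[4]]
    return hmac.compare_digest(_digest(challenge, secret), got)

if __name__ == "__main__":
    # Values taken from the PAP and CHAP configurations above
    pap = pap_request(1, b"HQ", b"orbit")
    print("PAP frame:", pap)
    print("password readable in PAP frame:", b"orbit" in pap)
    chal = chap_challenge(7, b"SR")
    resp = chap_response(chal, b"cisco", b"LAR")
    print("secret readable in CHAP frame:", b"cisco" in resp)
    print("CHAP response verifies:", chap_verify(chal, resp, b"cisco"))
    # A captured response is useless against a fresh challenge
    print("replay accepted:", chap_verify(chap_challenge(7, b"SR"), resp, b"cisco"))
```

Anyone who can capture the serial link reads the PAP password directly, while a captured CHAP response only matches the one challenge it answered.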