Detailed Configuration of Sacramento VLANs with Security Features

Verified

Added on 2019/09/25

AI Summary

This assignment details the configuration of VLANs for a Sacramento network, focusing on network segmentation, security, and remote access. It covers the setup of multiple VLANs (Network Management, Staff, Admin) with specific subnets and security configurations, including port security. The solution demonstrates router-on-a-stick configuration for inter-VLAN routing, DHCP server setup for dynamic IP address assignment, and the implementation of PPP authentication (PAP and CHAP) for secure point-to-point connections between Sacramento and Los Angeles sites. The configuration includes router commands for VLAN interfaces, DHCP pools, and PPP authentication settings, ensuring secure remote management and data transmission. The Los Angeles site's device and network configuration are also included.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Sacramento
VLANs: We need to configure VLAN for end devices with security. VLANs as mention below
with subnet.
VLAN Subnet Subnet-mask First valid IP Last valid
IP
Assign to
VLAN 1 10.11.1.0 255.255.255.0 10.11.1.1 10.11.1.1 Network Management
VLAN 10 10.11.10.0 255.255.255.0 10.11.10.1 10.11.10.1 Staff
VLAN 11 10.11.11.0 255.255.255.0 10.11.11.1 10.11.11.1 Admin
VLAN 12 10.11.12.0 255.255.255.0 10.11.12.1 10.11.12.1 Server
Sample configuration for each End devices.
interface ga0/1
switchport mode access
switchport port-security
switchport port-security mac sticky
switchport port-security violation shutdown
show port-security address will display the ports with matching switchport modes security
settings .
ROS: Router On Stick
All VLAN subnet gateway is configure on Router.
SR(config)#int fastEthernet 0/0.1
SR(config-subif)#encapsulation dot1Q 1
SR(config-subif)#ip address 10.11.1.1 255.255.255.0
SR(config-subif)#exit
SR(config)#int fastEthernet 0/0.10
SR(config-subif)#encapsulation dot1Q 10
SR(config-subif)#ip address 10.11.10.1 255.255.255.0
SR(config-subif)#exit
SR(config)#int fastEthernet 0/0.11
SR(config-subif)#encapsulation dot1Q 11

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SR(config-subif)#ip address 10.11.11.1 255.255.255.0
SR(config-subif)#exit
SR(config)#int fastEthernet 0/0.12
SR(config-subif)#encapsulation dot1Q 12
SR(config-subif)#ip address 10.11.12.1 255.255.255.0
SR(config-subif)#exit
DHCP - is used to dynamically assign ip address to the hosts on the VLAN.
SR(config)# ip name-server 10.11.12.10
SR(config)# ip dhcp excluded-address 10.11.10.1 – 10.11.10.30
SR(config)# ip dhcp pool VLAN10
SR(config-dhcp)#network 10.11.10.0 255.255.255.0
SR(config-dhcp)#default-router 10.11.10.1
SR(config-dhcp)# dns-server 10.11.12.11
Los Angeles Site Management
Los Angeles site can be remotely from other sites via SSH/HTTPS.
We can manage Network devices, Server Devices, End user devices etc. Los Angeles
management can be done remotely.
Staff VLAN = 25 devices
Admin VLAN = 40 devices
Instructional VLAN = 120 devices
Server VLAN = 21 devices
xACME
Dedicated point-to-point lease line between two sites. The protocols used are most often HDLC
(High-Level Data Link Control) and PPP (Point-to-Point Protocol).
Point-to-Point Protocol (PPP) is used on serial connections between two routers. PPP is designed
to allow to use network protocols and also supports two types of
authentications CHAP Challenge Handshake Authentication Protocol and PAP password

Authentication Protocol. Network Control Protocol (NCP) provides the encapsulating multiple
network layer protocols across the PPP data link.
Sacramento Router
SR#config t
SR(config)#username RO password orbit
SR(config)#interface se0/0/0
SR(config-if)#encapsulation ppp
SR(config-if)#ppp authentication PAP
SR(config-if)#ppp pap sent-username HQ password orbit
SR(config-if)#end
Los Angeles router
LAR#Config t
LAR(config)#username HQ password orbit
LAR(config)#interface se0/0/0
LAR(config-if)#encapsulation ppp
LAR(config-if)#ppp authentication PAP
LAR(config-if)#ppp pap sent-username RO password orbit
LAR(config-if)#end
CHAP (Challenge Handshake Authentication Protocol)

hostname SR
username remote_router password 0 cisco
interface fa0/23
ip address 165.12863.2/26
encapsulation ppp
ppp authentication chap
autoselect ppp
login local
login
end
hostname LAR
username host_router password 0 cisco
interface fa0/24
ip address 10.255.255.252/30
encapsulation ppp
ppp authentication chap
autoselect ppp
login local
login
end

1 out of 4

+13062052269

info@desklib.com

Detailed Configuration of Sacramento VLANs with Security Features

Contribute Materials

Secure Best Marks with AI Grader

Related Documents

Sacramento VLANs: Configuration, Security, and Router-on-a-Stick

Network Configuration Practical

CMIT 350: WAN and SOHO Skills Implementation: Router and Switch Setup

IT273 - Module 4: Configuring WAN and Wireless Networks

CCE3060 - Lab Test 4: Network Configuration Analysis and Correction