You have been hired as a Network Analyst for WDKA, Inc. WDKA has a single site l
ID: 3822595 • Letter: Y
Question
You have been hired as a Network Analyst for WDKA, Inc. WDKA has a single site located in Perrysburg, Ohio, with 32 devices on an Ethernet network. Your job is to link WDKA’s existing network to the Internet. The internal network number is 10.5.10.0/24 and cannot be changed. When WDKA originally installed the network, IP address 10.5.10.1 was reserved for the “Internet router” (The “Internet router” has not yet been purchased). WDKA would also like to use their internal Windows 2012 Exchange Server as their inbound SMTP mail server. The IP address of the Exchange Server is 10.5.10.43. WDKA is unsure of how to obtain an Internet connection and which items to purchase.
a. Discuss the various methods by which WDKA might connect to the Internet (both physical and logical connections). Make a judgment about which physical and logical method(s) might be best for WDKA and explain all Security measures you would recommend to WDKA. Justify your answer.
b. Based on the method and security measures selected above, identify the equipment (in complete detail) WDKA would have to purchase in order to connect to the Internet (assume only CISCO network equipment).
c. Produce a working handwritten configuration file for WDKA’s router. This configuration file must accomplish the needs of WDKA Inc. using the method(s) and equipment selected in (a) and (b) above.
d. SSK Software has entered into a long term Software support contract with WDKA, Inc. In order to completely and/or timely support the needs of WDKA, Inc. SSK Software would like to inter-connect the two networks via a CISCO router. Using the network layout, you selected for SSK Software in question 2(b), using information and methods obtained from this CSET4750 class;
i. Propose a physical and logical plan to inter-connect the two networks without changing either company’s network numbering scheme. Include (in detail) any equipment either company would need to purchase to accomplish the plan.
ii. WDKA would like to limit SSK Software’s remote access onto its network. What entries would need to be configured in order to limit SSK Software’s remote access onto WDKA’s network to just two PC’s at a time (any PC from SSK Software’s network can access WDKA’s network, restricted to only 2 concurrent connections), using only protocols TCP and/or RDP for remote support?
Explanation / Answer
a.
Physical connections:
Physical connections deal with the real devices and cables and how the topology is used. It is the way in which the network is layed out. Physical devices commonly used in the network are: switches, routers, host machines, and cabing.
Logical connections:
Logical connection refers to the way in which the physical network is used. How virtually the network is divided. Logical network is used in virtual environment.
Way of connecting to the internet are:
b.
Cisco equipment required are as follows:
c.
Address: 10.5.10.0 00001010.00000101.00001010 .00000000
Netmask: 255.255.255.0 11111111.11111111.11111111 .00000000
Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111
Network: 10.5.10.0/24 00001010.00000101.00001010 .00000000
Broadcast: 10.5.10.255 00001010.00000101.00001010 .11111111
HostMin: 10.5.10.2 00001010.00000101.00001010 .00000001
HostMax: 10.5.10.254 00001010.00000101.00001010 .11111110
Hosts/Net: 254
Internet router IP : 10.5.10.1
Excahnge Server: 10.5.10.43
32 devices can be allotted the IP address in the following range.
10.5.10.2 – 10.5.10.33
To configure the network connect 32 host with the switch and connect the switch with the router.
Use a switch connect it with hosts and the routers.
Create a dhcp Pool that will dynamically assign the IP address to the host with IP in range 10.5.10.2 – 10.5.10.33 :
ip dhcp pool Slot
network 10.5.10.2 255.255.255.255
ip dhcp excluded address 10.5.10.34 10.5.10.255
ip dhcp excluded address 10.5.10.1
default-router 10.5.10.1
dns-server 10.5.10.1
exit
Give the IP address to the internet router and connect the internet router with the switch :
interface <port>
ip address 10.5.10.1 255.255.255.0
Give the IP address to the exchange server as:
Interface <port>
ip address 10.5.10.43 255.255.255.0
Connect the exchange server with the switch.
Use the protocol such as bgp(Border gateway protocol) to provide the internet connectivity and the connectivity with the external organization.
d.
i.
Configure the router at both end by using the following command to connect SSK withWDKA network:
Connect the SSK external router with the WDKA external router and then configure EIGRP on both side with process ID and broadcast the network in it.
R(config)#router eigrp 100
R(config-router)#net 10.5.10.0
R(config-router)#net 206.122.0.0
R(config-router)#net 192.168.0.0
R(config-router)#net 205.0.0.0
R(config-router)#net 205.125.0.0
R(config-router)#net 210.126.137.0
R(config-router)#net 10.0.0.0
R(config-router)#no auto-summary
R(config-router)#end
EBGP can also be used to connect SSK and WDKA.
ii.
In order to restrict the remote access to two PC’s configure the access list on WDKA network by permitting the tcp network and limiting access to two PC’s.
Access list is as follows:
(config)# access list CONNS extended permit ip any any
(config)# class-map connect
(config-cmap)# match access-list connect
(config)# policy-map connect
(config-pmap)# class connect
(config-pmap-c)#
(config-pmap-c)# set connection conn-max 1000 embryonic-conn-max 2 per-client-embryonic-max 2 per-client-max 2
(config-pmap-c)# set connection timeout tcp 2:0:0 embryonic 0:40:0 half-closed 0:20:0 dcd
(config-pmap-c)# service-policy connect interface outside
First creat the access list then create the class map then add the access list to the class map. Set the connection limits and timeout. At last apply the connection on the interface.
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.