The Ultimate Cisco CCNA Packet Tracer Project Course

CCNA Final Project

1. The network contains four sites: Sana’a, Aden, Taiz, and Mukalla.
2. In Sana’a, we have five VLANs:
• IT: VLAN 1 – 192.168.1.0/24
• HR: VLAN 2 – 192.168.2.0/24
• Sales: VLAN 3 – 192.168.3.0/24
• Marketing: VLAN 4 – 192.168.4.0/24
• Servers: VLAN 7 – 192.168.7.0/24
3. Set the history for the configuration mode to 30, so that we can show commands,
and then copy and paste them.
4. Configure the following passwords on all routers and switches, and ensure that they
are encrypted:
• Console: cisco
• VTY: ccna
• Enable-secret: ultimate
5. Configure the logging synchronous and exec-timeout 0 0 commands on the console
of all routers and switches.
6. Create the VLANs in all switches, and put the access ports in the required VLANs as in
the diagram.
7. Create Ether-channel trunks between the access switches and the distribution
switches (L3 Switches).
8. Create VLAN interfaces on L3 switches, and assign IP addresses to them.
9. Assign IP addresses, subnet masks, default gateways, and the DNS server IP to the
servers manually.
10. Make the L3 Switch No.1 the primary STP root & default-gateway for the IT, HR, and
Servers VLANs (Use HSRP). Make the L3 Switch No.1 the secondary STP root &
default-gateway for the Sales, and Marketing VLANs (Use HSRP).
11. Make the L3 Switch No.2 the primary STP root & default-gateway for the Sales, and
Marketing VLANs (Use HSRP). Make the L3 Switch No.2 the secondary STP root &
default-gateway for the IT, HR, and Servers VLANs (Use HSRP).
12. Add and configure an EtherChannel Trunk between the Layer 3 Switches directly.
Remove the HSRP Configuration. Enable routing on the Layer 3 switches. Change the
default gateway of the servers to be 192.168.7.100.
13. Use the DHCP server to distribute IP addresses, Masks, default-gateways, and the
DNS-server IP to the PCs. Hint: use the DHCP relay agent (IP helper-address
command) on VLAN interfaces (1,2,3,4).
14. Verify that Hosts have been assigned IP configuration, and ensure full connectivity
inside Sana'a Site.
15. Configure the L3 switches with IP addresses on the routed ports, that are connected
to the main router (Hint: use no switchport command). Configure the required IP
addresses on the router also.
16. Create VLANs in the Switches of the Branches (Aden: 8 & 9, Taiz: 10 & 11, Mukalla:
15 & 16). Configure access ports in the required VLANs in these switches.
17. Configure Trunks to the routers on these switches. Configure sub-interfaces on the
routers to be the default gateways for the VLANs.
18. Connect Sana'a router to routers of Aden & Taiz using frame-relay (PVC 102201,
103301). Use point-to-point subinterfaces for this purpose. Configure the required
IP addresses as shown in the diagram. Configure all routers and switches in the
topology with the corresponding hostnames.
19. Connect Sana'a router to the router of Mukalla using PPP with chap authentication
(password cisco). Configure the required IP addresses as shown in the diagram.
20. Configure Sana'a router with static routes to all VLANs (1, 2, 3, 4, 7, 8, 9, 10, 11, 15,
16), or use a dynamic routing protocol of your choice.
21. Configure the L3 switches with a default static route to the main router (Sana'a
router), or use a dynamic routing protocol of your choice.
22. Configure the routers of the branches with a default static route to the main router
(Sana'a router), or use a dynamic routing protocol of your choice.
23. Use the DHCP server to distribute IP addresses, Masks, default-gateways, and
DNS-server IP to the PCs in the branches. Hint: use DHCP relay agent (IP helper-address
command) on the branches' routers.
24. Configure the DNS server with the name resolution of the Web server
(www.ultimate-stc.com), Google & Yahoo.
25. Configure port security on all access ports in the L2 switches. Allow one device per
port with shutdown mode for all VLANs except IT. Allow two devices with mode
protect for IT VLAN. Use sticky for learning the MACs.
26. Change the STP mode to rapid-PVST on all Switches (L2 & L3).
27. Configure portfast & BPDUGuard on all access ports in L2 switches.
28. Using ACLs, allow only the required services to the servers for everyone (allow only
HTTP to the web server, DNS to the DNS server, and DHCP to the DHCP Server). Allow
only the IT users to ping the servers.
29. Allow only IT users to telnet to the routers and L3 switches (Hint: use access-class
command).
30. Configure DHCP on the ISP router. The main router should take its IP from the ISP
router.
31. Configure the main router with a default static route to the internet. If you used
OSPF, use the default-information originate command on this router to advertise
the default route to the other routers and Layer 3 switches.
32. Configure the ISP router with a default static route to the main router.
33. Allow the IT users to access both Google & Yahoo. Allow other users to access
Google only. Any other traffic should be denied except the return traffic from the
servers or pings & telnet from the IT VLAN.
34. Configure one ACL for all VLANs to be used with NAT.
35. Configure all interfaces on the main router to be NAT Inside, except the Internet
one, which should be NAT Outside.
36. Configure PAT for all users (Use the outside interface for the overload).
37. Add an external DNS server with an IP address of 200.1.1.3. Configure the external
DNS Server with the name resolution of the internal Web server
(www.ultimate-stc.com) after translation. Configure the internet user with the external DNS IP.
38. Configure Static PAT for the internal web server so that the internet user can access
the internal Web server (www.ultimate-stc.com).
39. Ensure that all users can access each other and the internet, taking into account the
security requirements listed above.
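
A compliance check for items 25 and 27, as an added example that is not part of the original project sheet: it parses a switch running-config and reports every access port that misses the port-security, PortFast, or BPDU Guard requirements. The sample config and its interface names are constructed, the command spellings are assumed to be those of a Packet Tracer / classic IOS switch, and IT is taken to be VLAN 1 as in item 2.

```python
import re

# Constructed sample running-config; interface names are assumptions, not from the diagram.
SAMPLE = """\
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation protect
 switchport port-security mac-address sticky
 spanning-tree portfast
 spanning-tree bpduguard enable
interface FastEthernet0/2
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
 spanning-tree portfast
 spanning-tree bpduguard enable
interface FastEthernet0/3
 switchport access vlan 3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security violation protect
interface Port-channel1
 switchport mode trunk
"""

def audit(config, it_vlan=1):
    """Map each non-compliant access port to its findings (items 25 and 27)."""
    report, ps = {}, "switchport port-security"
    for block in re.split(r"(?m)^(?=interface )", config):
        cmds = [c.strip() for c in block.splitlines()]
        if "switchport mode access" not in cmds:
            continue  # trunks and routed ports are out of scope
        def arg(prefix, default):  # IOS omits default values from the running-config
            return next((c[len(prefix):] for c in cmds if c.startswith(prefix)), default)
        vlan = int(arg("switchport access vlan ", "1"))
        want = ("2", "protect") if vlan == it_vlan else ("1", "shutdown")
        got = (arg(ps + " maximum ", "1"), arg(ps + " violation ", "shutdown"))
        checks = {"port-security disabled": ps in cmds,
                  "limit/mode %s/%s, want %s/%s" % (got + want): got == want,
                  "no sticky learning": ps + " mac-address sticky" in cmds,
                  "no portfast": "spanning-tree portfast" in cmds,
                  "no bpduguard": "spanning-tree bpduguard enable" in cmds}
        bad = [msg for msg, ok in checks.items() if not ok]
        if bad:
            report[cmds[0].split()[1]] = bad
    return report
```

FastEthernet0/3 is the case to watch for: the maximum and violation lines are present, but without the bare `switchport port-security` line the feature is not enabled on the port.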