Untitled
unknown
plain_text
16 days ago
15 kB
5
Indexable
================================================================ SECTION A — TABLES (paste into Excel) ================================================================ ---------------------------------------------------------------- TABLE 1 — VLSM SUBNETTING (23.122.34.0/24) ---------------------------------------------------------------- Network Area | Devices+GW | Size | Network Addr | Subnet Mask | Usable IP Range | Broadcast ------------------------|------------|------|-----------------|-------------------|----------------------------------|------------------ Karachi PCs (VLAN 30) | 8+1=9 | /28 | 23.122.34.0 | 255.255.255.240 | 23.122.34.1 – 23.122.34.14 | 23.122.34.15 Larkana LAN | 6+1=7 | /28 | 23.122.34.16 | 255.255.255.240 | 23.122.34.17 – 23.122.34.30 | 23.122.34.31 Hyderabad LAN | 5+1=6 | /29 | 23.122.34.32 | 255.255.255.248 | 23.122.34.33 – 23.122.34.38 | 23.122.34.39 Karachi Servers(VLAN10) | 2+1=3 | /29 | 23.122.34.40 | 255.255.255.248 | 23.122.34.41 – 23.122.34.46 | 23.122.34.47 Karachi Printers(VLAN20)| 2+1=3 | /29 | 23.122.34.48 | 255.255.255.248 | 23.122.34.49 – 23.122.34.54 | 23.122.34.55 WAN (KHI – HYD) | 2 | /30 | 23.122.34.56 | 255.255.255.252 | 23.122.34.57 – 23.122.34.58 | 23.122.34.59 WAN (KHI – LRK) | 2 | /30 | 23.122.34.60 | 255.255.255.252 | 23.122.34.61 – 23.122.34.62 | 23.122.34.63 WAN (HYD – LRK) | 2 | /30 | 23.122.34.64 | 255.255.255.252 | 23.122.34.65 – 23.122.34.66 | 23.122.34.67 WAN (KHI – ISP) | 2 | /30 | 23.122.34.68 | 255.255.255.252 | 23.122.34.69 – 23.122.34.70 | 23.122.34.71 ---------------------------------------------------------------- TABLE 2 — FULL ADDRESSING TABLE (Excel Sheet 1) ---------------------------------------------------------------- Device | Interface | IP Address | Subnet Mask | Gateway --------------------|------------------------|-----------------|-------------------|------------------ KHI-Router | G0/0 → ISP | 23.122.34.69 | 255.255.255.252 | — KHI-Router | G0/1.10 (Servers) | 23.122.34.41 | 255.255.255.248 | — KHI-Router | G0/1.20 (Printers) | 23.122.34.49 | 255.255.255.248 | — KHI-Router | G0/1.30 (PCs) | 23.122.34.1 | 255.255.255.240 | — KHI-Router | S0/0/0 → HYD | 23.122.34.57 | 255.255.255.252 | — KHI-Router | S0/0/1 → LRK | 23.122.34.61 | 255.255.255.252 | — HYD-Router | G0/0 (LAN) | 23.122.34.33 | 255.255.255.248 | — HYD-Router | S0/0/0 → KHI | 23.122.34.58 | 255.255.255.252 | — HYD-Router | S0/0/1 → LRK | 23.122.34.65 | 255.255.255.252 | — LRK-Router | G0/0 (LAN) | 23.122.34.17 | 255.255.255.240 | — LRK-Router | S0/0/0 → KHI | 23.122.34.62 | 255.255.255.252 | — LRK-Router | S0/0/1 → HYD | 23.122.34.66 | 255.255.255.252 | — ISP-Router | G0/0 → KHI | 23.122.34.70 | 255.255.255.252 | — KHI-Switch | VLAN 30 mgmt | 23.122.34.2 | 255.255.255.240 | 23.122.34.1 HYD-Switch | VLAN 1 mgmt | 23.122.34.35 | 255.255.255.248 | 23.122.34.33 LRK-Switch | VLAN 1 mgmt | 23.122.34.20 | 255.255.255.240 | 23.122.34.17 Karachi Server 0 | NIC | 23.122.34.42 | 255.255.255.248 | 23.122.34.41 Karachi Server 1 | NIC | 23.122.34.43 | 255.255.255.248 | 23.122.34.41 Karachi Printer 0 | NIC | 23.122.34.50 | 255.255.255.248 | 23.122.34.49 Karachi Printer 1 | NIC | 23.122.34.51 | 255.255.255.248 | 23.122.34.49 Hyderabad Printer | NIC | 23.122.34.34 | 255.255.255.248 | 23.122.34.33 Larkana Printer | NIC | 23.122.34.18 | 255.255.255.240 | 23.122.34.17 Larkana Server | NIC | 23.122.34.19 | 255.255.255.240 | 23.122.34.17 All PCs | NIC | DHCP | DHCP | DHCP ---------------------------------------------------------------- TABLE 3 — END DEVICE STATIC IPs (for Packet Tracer Desktop tab) ---------------------------------------------------------------- Device | IP Address | Subnet Mask | Default Gateway | DNS --------------------|-----------------|-------------------|-----------------|---------- Karachi Server 0 | 23.122.34.42 | 255.255.255.248 | 23.122.34.41 | 8.8.8.8 Karachi Server 1 | 23.122.34.43 | 255.255.255.248 | 23.122.34.41 | 8.8.8.8 Karachi Printer 0 | 23.122.34.50 | 255.255.255.248 | 23.122.34.49 | 8.8.8.8 Karachi Printer 1 | 23.122.34.51 | 255.255.255.248 | 23.122.34.49 | 8.8.8.8 Hyderabad Printer | 23.122.34.34 | 255.255.255.248 | 23.122.34.33 | 8.8.8.8 Larkana Printer | 23.122.34.18 | 255.255.255.240 | 23.122.34.17 | 8.8.8.8 Larkana Server | 23.122.34.19 | 255.255.255.240 | 23.122.34.17 | 8.8.8.8 All PCs | DHCP | DHCP | DHCP | DHCP ---------------------------------------------------------------- TABLE 4 — VLAN PORT ASSIGNING TABLE — KHI Switch (Excel Sheet 2) ---------------------------------------------------------------- VLAN | Name | Ports | Type | Notes ------|----------|-----------------|----------|---------------------------------------------- 10 | Servers | Fa0/1, Fa0/2 | Access | Port security enabled — violation: shutdown 20 | Printers | Fa0/3, Fa0/4 | Access | Normal access ports 30 | PCs | Fa0/5 – Fa0/12 | Access | 8 ports for 8 PCs — | Trunk | Gig0/1 | Trunk | Carries all VLANs to KHI Router G0/1 — | Unused | Fa0/13 – Fa0/24 | Shutdown | All unused ports administratively down ================================================================ SECTION B — ALL COMMANDS (with your IPs) ================================================================ ---------------------------------------------------------------- ISP ROUTER ---------------------------------------------------------------- enable configure terminal hostname ISP enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption banner motd "Welcome to ISP, Unauthorized access to this device is strictly prohibited" interface GigabitEthernet0/0 description TO KARACHI ROUTER ip address 23.122.34.70 255.255.255.252 no shutdown exit interface Loopback0 ip address 8.8.8.8 255.255.255.255 exit ip route 23.122.34.0 255.255.255.0 23.122.34.69 end copy running-config startup-config ---------------------------------------------------------------- KHI ROUTER ---------------------------------------------------------------- enable configure terminal hostname KHI-Router enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption no ip domain-lookup banner motd "Welcome to Karachi, Unauthorized access to this device is strictly prohibited" interface GigabitEthernet0/0 description TO ISP ip address 23.122.34.69 255.255.255.252 ip nat outside no shutdown exit interface GigabitEthernet0/1 description TRUNK TO KARACHI SWITCH no ip address no shutdown exit interface GigabitEthernet0/1.10 description VLAN 10 SERVERS GATEWAY encapsulation dot1Q 10 ip address 23.122.34.41 255.255.255.248 ip nat inside exit interface GigabitEthernet0/1.20 description VLAN 20 PRINTERS GATEWAY encapsulation dot1Q 20 ip address 23.122.34.49 255.255.255.248 ip nat inside exit interface GigabitEthernet0/1.30 description VLAN 30 PCs GATEWAY encapsulation dot1Q 30 ip address 23.122.34.1 255.255.255.240 ip nat inside exit interface Serial0/0/0 description WAN TO HYDERABAD ip address 23.122.34.57 255.255.255.252 ip nat inside clock rate 64000 no shutdown exit interface Serial0/0/1 description WAN TO LARKANA ip address 23.122.34.61 255.255.255.252 ip nat inside clock rate 64000 no shutdown exit ip route 23.122.34.32 255.255.255.248 23.122.34.58 ip route 23.122.34.16 255.255.255.240 23.122.34.62 ip route 23.122.34.64 255.255.255.252 23.122.34.58 ip route 0.0.0.0 0.0.0.0 23.122.34.70 ip dhcp excluded-address 23.122.34.1 23.122.34.2 ip dhcp excluded-address 23.122.34.33 23.122.34.35 ip dhcp excluded-address 23.122.34.17 23.122.34.20 ip dhcp pool KARACHI-PCs network 23.122.34.0 255.255.255.240 default-router 23.122.34.1 dns-server 8.8.8.8 exit ip dhcp pool HYDERABAD-PCs network 23.122.34.32 255.255.255.248 default-router 23.122.34.33 dns-server 8.8.8.8 exit ip dhcp pool LARKANA-PCs network 23.122.34.16 255.255.255.240 default-router 23.122.34.17 dns-server 8.8.8.8 exit access-list 1 permit 23.122.34.0 0.0.0.255 ip nat inside source list 1 interface GigabitEthernet0/0 overload access-list 10 deny 23.122.34.32 0.0.0.7 access-list 10 permit any access-list 11 deny 23.122.34.32 0.0.0.7 access-list 11 permit any interface GigabitEthernet0/1.30 ip access-group 10 out exit interface GigabitEthernet0/1.20 ip access-group 11 out exit end copy running-config startup-config ---------------------------------------------------------------- HYD ROUTER ---------------------------------------------------------------- enable configure terminal hostname HYD-Router enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption no ip domain-lookup banner motd "Welcome to Hyderabad, Unauthorized access to this device is strictly prohibited" interface GigabitEthernet0/0 description LAN HYDERABAD ip address 23.122.34.33 255.255.255.248 ip helper-address 23.122.34.57 no shutdown exit interface Serial0/0/0 description WAN TO KARACHI ip address 23.122.34.58 255.255.255.252 no shutdown exit interface Serial0/0/1 description WAN TO LARKANA ip address 23.122.34.65 255.255.255.252 clock rate 64000 no shutdown exit ip route 23.122.34.0 255.255.255.240 23.122.34.57 ip route 23.122.34.40 255.255.255.248 23.122.34.57 ip route 23.122.34.48 255.255.255.248 23.122.34.57 ip route 23.122.34.16 255.255.255.240 23.122.34.66 ip route 0.0.0.0 0.0.0.0 23.122.34.57 end copy running-config startup-config ---------------------------------------------------------------- LRK ROUTER ---------------------------------------------------------------- enable configure terminal hostname LRK-Router enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption no ip domain-lookup banner motd "Welcome to Larkana, Unauthorized access to this device is strictly prohibited" interface GigabitEthernet0/0 description LAN LARKANA ip address 23.122.34.17 255.255.255.240 ip helper-address 23.122.34.61 no shutdown exit interface Serial0/0/0 description WAN TO KARACHI ip address 23.122.34.62 255.255.255.252 no shutdown exit interface Serial0/0/1 description WAN TO HYDERABAD ip address 23.122.34.66 255.255.255.252 no shutdown exit ip route 23.122.34.0 255.255.255.240 23.122.34.61 ip route 23.122.34.40 255.255.255.248 23.122.34.61 ip route 23.122.34.48 255.255.255.248 23.122.34.61 ip route 23.122.34.32 255.255.255.248 23.122.34.65 ip route 0.0.0.0 0.0.0.0 23.122.34.61 end copy running-config startup-config ---------------------------------------------------------------- KHI SWITCH ---------------------------------------------------------------- enable configure terminal hostname KHI-Switch enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption banner motd "Welcome to Karachi, Unauthorized access to this device is strictly prohibited" vlan 10 name Servers exit vlan 20 name Printers exit vlan 30 name PCs exit interface range FastEthernet0/1-2 switchport mode access switchport access vlan 10 switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown exit interface range FastEthernet0/3-4 switchport mode access switchport access vlan 20 exit interface range FastEthernet0/5-12 switchport mode access switchport access vlan 30 exit interface GigabitEthernet0/1 switchport mode trunk exit interface range FastEthernet0/13-24 shutdown exit interface GigabitEthernet0/2 shutdown exit interface vlan 30 ip address 23.122.34.2 255.255.255.240 no shutdown exit ip default-gateway 23.122.34.1 end copy running-config startup-config ---------------------------------------------------------------- HYD SWITCH ---------------------------------------------------------------- enable configure terminal hostname HYD-Switch enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption banner motd "Welcome to Hyderabad, Unauthorized access to this device is strictly prohibited" interface range FastEthernet0/6-24 shutdown exit interface GigabitEthernet0/2 shutdown exit interface vlan 1 ip address 23.122.34.35 255.255.255.248 no shutdown exit ip default-gateway 23.122.34.33 end copy running-config startup-config ---------------------------------------------------------------- LRK SWITCH ---------------------------------------------------------------- enable configure terminal hostname LRK-Switch enable secret class line console 0 password cisco login exit line vty 0 15 password Line login exit service password-encryption banner motd "Welcome to Larkana, Unauthorized access to this device is strictly prohibited" interface range FastEthernet0/7-24 shutdown exit interface GigabitEthernet0/2 shutdown exit interface vlan 1 ip address 23.122.34.20 255.255.255.240 no shutdown exit ip default-gateway 23.122.34.17 end copy running-config startup-config ================================================================ SECTION C — ACL / NAT VERIFICATION PINGS ================================================================ From a Hyderabad PC: ping 23.122.34.42 <- Karachi Server 0 — should SUCCEED ping 23.122.34.3 <- Karachi PC — should FAIL (ACL blocks) ping 23.122.34.50 <- Karachi Printer — should FAIL (ACL blocks) NAT test — after pinging 8.8.8.8 from any PC, run on KHI Router: show ip nat translations Expected: 23.122.34.69:x <-> 23.122.34.x (PC) -> 8.8.8.8 ================================================================ END OF FILE ================================================================
Editor is loading...
Leave a Comment