Question: PHASE III (70 Points Total)Due Week 7 Task 1: Configure the NY router as a DHCPv4 server for the executive and engineering VLAN. ( 4
PHASE III (70 Points Total)Due Week 7
Task 1: Configure the NY router as a DHCPv4 server for the executive and engineering VLAN. (4 points
| Configuration Task | Required Information | Points |
|
|
|
|
| Reserve the first 10 IP addresses in VLAN 15 for static configurations. |
| (1 point) |
| Reserve the first 10 IP addresses in VLAN 25 for static configurations. |
| (1 point) |
| Create a DHCP pool for VLAN 15. | Name: EXECUTIVE DNS-Server: 192.168.1.45 Domain-Name: hitech.net Set the default gateway. | (1 point) |
| Create a DHCP pool for VLAN 25. | Name: ENGINEERING DNS-Server: 192.168.1.45 Domain-Name: engineering.com Set the default gateway. | (1 point) |
Task 2: Restrict Access to the VTY Lines to only come from Native&Management VLAN. (15 points)
| Configuration Task | Required Information | Points |
| Configure a named access list to only allow Native&Management VLAN to SSH to the routers. | ACL Name: NETMGMT | 5 |
| Apply the named ACL to the VTY lines. |
| 5 |
| Verify ACL is working as expected. |
| 5 |
Task 3: Configure static and dynamic NAT on NY. (25 points)
| Configuration Task | Required Information | Points |
| Create a local database with one user account. Use the command username webadmin privilege 15 secret cisco123. | Username: webadmin Password: cisco123 Privilege level: 15 | 5 |
| Enable HTTP server service. | ip http ? | 2 |
| Configure the HTTP server to use the local database for authentication. | ip http authentication ? | 2 |
| Create a static NAT to the web server. | Inside Global Address: 209.107.23.66 --> | 2 |
| Configure NYs Loopback 0 interface with the following IP address. This is a simulated internal web server. | 192.168.1.200/32 | 1 |
| Assign the inside and outside interface for the static NAT. | 192.168.1.200 209.107.23.66 /26 | 1 |
| Configure the dynamic NAT inside private ACL. | Access List: 10 Allow the executive and engineering networks on NY to be translated. Allow a summary of the LANs (loopback) networks on IL and CA to be translated. Do not allow the Services and Native&Management VLANs to be translated. | 5 |
| Define the pool of usable public IP addresses. | Pool Name: THE_NET Pool of addresses include: 209.107.23.68 209.107.23.75 | 5 |
| Define the dynamic NAT translation. |
| 2 |
Task 4: Secure the network services. (16 points)
| Configuration Task | Required Information | Points |
| Configure an extended ACL to allow Internet hosts WWW access to the simulated web server on NY by accessing the static NAT address (209.107.23.66 /26) that you configured in Task 3; allow Internet hosts DNS access to the simulated web server on NY by accessing the static NAT address (209.107.23.66 /26) that you configured in Task 3; and prevent traffic from the Internet from pinging internal networks, while continuing to allow LAN interfaces to ping the Internet hosts. | ACL No.: 105 | 10 |
| Apply ACL to the appropriate interface(s). |
| 6 |
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help