Have a question or want to start a discussion? Post it! No Registration Necessary. Now with pictures!
November 18, 2005, 8:34 pm
rate this thread
Hi! I have some problems with solving skill exam. can somebody help me?
So scheme goes something like this - we have 3 routers, one is
headquater office named GAD, and branch offices routers are Boaz and
Aniston. There are switches, one on Aniston
one on Boaz and we have managment and production host one one switch and
management and production switch on the other host.
The exam goes like this ---
Location Anniston or Boaz
The wan IP network address is 192.168.1.0 Boaz, 192.168.101.0 Aniston
with subnet mask of 255.255.255.0
The local Lan has been assigned an IP network address of 172.31.0.0
Each subnet of the above network needs to accomodate 3000 host addresses.
Use the 2 usable subnet for the LAN. Do not use subnet zero as the first
The IGRP AS nubmer is 1.
Using the chart below, plan the first 10 usable subnets of the lan
network address, that was provided by the instructor
Subnet subnet adress subnet mask first host last host broadcast
0 Do not use subnet 0
The wan interface of GAD is assigned to lowest usable adress in the
Identify and use the second lowest usable wan address for the S0, or
S0/0, interface of the assigned router __________________.
For security reasons, the IP addresses of the assigned subnet are split
in two groups.
The production workstations will be assigned the lower half of the ip
addresses. The network devices and management stations will be assigned
the upper half of the ip addressese. The ethernet router interface is to
be assigned the highest usable address.
Identify the required IP address of the Ethernet interface on the
_______________________(based on exam version number and subnet assignment)
The host configurations must also be planned. Using the chart below
complete the host information.
Branch: IP adress range
Anniston or Boaz
Production host range
Management host range
Step 2: Security planning
There are several security concerns in the internetwork. Develop Access
control lists (ACLs) to address security issues. The following are the
1. The company has an Intranet Web server host that all systems can
reach at IP address 172.16.0.1 with only HTTP access. No other protocols
will be permitted to this site.
2. The company also has a server pool in the 220.127.116.11/24 network.
The server pool addresses are divided in half. The servers in the upper
half of the address range are reachable only by managent hosts using all
possible IP protocols. The servers in the lower half of the address
range are reachable by all LAN hosts using all possible IP protocols.
The servers should not be accessible by any other hosts.
3. The company has discovered an Internet Web server at 18.104.22.168 that
is known to contain viruses. All hosts are to be banned from reaching
4. All other traffic should be permited to any destination
These security requirements should be accomplished with a single access
list. Plan the access list required to accomplish these tasks, to which
interface this will be applied, and the direction the list will be applied.
Place the ACL plan information below.
Step 3: Cabling
Now that the planning process is complete, it is the time to construct
the physical layer. Using the diagram, connect all the associated
hardware for the local branch.
Step 4 Basic configuration
Apply a basic configuration to the router. This configuration should
include all the normal configuration items. These items include but are
not limited to router name, passwords, interface descriptions, routing,
host table, and a banner to be displayed before login.
The managment workstation and the production workstation should also be
configured with the appropriate information.
Step 5 Security configuration
After basic functionality is in place, security needs to be added to the
configuration. Using the security requirement and planning from previous
steps, implement and test these basic security functions.
Step 6 Troubleshooting
Now that everything is successfully configured , the instructor will
introduce some problems.
Tha steps and commands used to correct these issues must be documented.
The show running-config command should be used as a last resort.
Symptom/cause Commands/Results Detailed
- » Digital Printing Malaysia | Printing Company Malaysia| Dot2Dot
- — Newest thread in » Cisco Certification
- » You probably don't know the answer but what allows WiFi scanning anyway?
- — The site's Newest Thread. Posted in » Wireless Networking