1 Basic configuration
1.1 Router and switch’ name as Topology, clock rate 64000,
1.2 Password: enable secret cisco and pass cisco on line vty 0 4 on all routers.
2 IP address.
Configure network address as topology.
ISP serial interfaces have configured IP address as topology.
Assign IP address for all router interface or subinterface follow :
1. Routers: R1_HQ: +1; R2_HQ: +2; R3_BR: +3,
2. Server: Mail +5, DHCP +6.
Example: in the subnetwork: 184.108.40.206/29,
- interface S0/0/1 of router R3_BR: 220.127.116.11/29, (19=16+3)
- interface S0/0/1 of router R1_HQ: 18.104.22.168/29, (17=16+1)
3 VTP, Vlan, Trunking, Inter-vlan Routing, STP
3.1 Trunking: Configured the links connect between switchs, the link connect switch to router as trunk links with encapsulation mode is dot1Q.
3.2 VTP: Configured switch mode as topology with the parameters:
Domain: HeadQuarterPass: HQP@ss
Domain: BranchOfficePass: BRP@ss
3.3 Vlan: Creat the VLANs in both regions as follow:
VLAN 10: Tech access port: f0/5 – f0/10
VLAN 20: Sale access port: f0/11 – f0/15
VLAN 30: Admin access port: f0/16 – f0/20
Assign PC into the VLANs with the corresponding pcs’ name.
3.4 Inter-vlan Routing: Configured Inter-vlan Routing in routers R1 and R2 for all vlans using Subinterface ID as VLANsID, assign IP address for each sub-interface as 172.16.X.Y/24 in HeadQuarter and 10.0.X.Y/24 intBrachOffice (where X: VLAN ID, Y: router ID)
Example: Subinterface of f0/0 in Router R2_HQ for VLAN10. 172.16.10.2 (10: VLAN 10, 2: router R2).
4.1 The Frame-Relay switch had been configured correctly. Serial interfaces of router R1, R3 set the default encapsulation type. Specify OSPF point-to-point network by the ip ospf network point-to-point command.
4.2 Enable OSPF in all serial interfaces connect between R1and R3 using network directly-connected-subnet wildcard-mask area 0 command.
On R1-R3: OSPF over Frame relay using authentication with MD5 ( keyID:13 - keyString:cisco13)
- R3 propagate its network (10.0.X.0/24) into OSPF domain, using network directly-connected-subnet wildcard-mask area 0 command.
- Between R1, R2 use EIGRP 12 to share routing information using network wildcard-mask command
- In R1, Between EIGRP and OSPF areas configure redistribute where necessary with the parameters
- To EIGRP: bandwidth 1544, delay 1000ms, reliability 255, load 1, MTU 1500.
- To OSPF: use Keyword subnets to redistribute classless network.
4.3 Router R1 and R3 configure default route to ISP using exit interface, and propagate this route to its region
Configure PPP PAP 1 way on routers R1 and R3 connect to ISP router, using username/password:
- BR/BRP for R3_BR.
- HQ/HQP for R1_HQ
Configure PPP PAP 2-way on router wan’link between R1 and R2 using this username/password
|In Router R1, R3 configure NAT interface overload .||R1_HQ: configure to all users in HeadQuarterregion (172.16.0.0/16) network NAT overload to interface s0/0/0 using ACL 1.||R3_BR: configure to all users in BranchOfficeregion (10.0.0.0/8) network NAT overload to interface s0/0/0 using|
|Nat static||On R1_HQ: Publish the servers EMAIL using public ip add : 22.214.171.124|
7.1 In Headquarter DHCP server assign IP address for users of VLAN 10, 20, 30 with the pool names.
- Tech for VLAN 10: 172.16.10.0/24, Max 50. Start IP address 172.16.10.50 using router interface as default gateway.
- Sale for VLAN 20: 172.16.20.0/24, Max 50. Start IP address 172.16.20.50 using router interface as default gateway.
- Admin for VLAN 30: 172.16.30.0/24, Max 50. Start IP address 172.16.30.50 using router interface as default gateway.
Configure DHCP relay agent in router R2 (in subinterface mode).
7.2 In BranchOffice, configure DHCP on router R3_BR to assign ip address for all VLANs with the pool name:
- Tech for VLAN 10: 10.0.10.0/24 using router interface as default gateway.
- Sale for VLAN 20: 10.0.20.0/24 using router interface as default gateway.
- Admin for VLAN 30: 10.0.30.0/24 using router interface as default gateway.
All PCs are assign IP address from DHCP Server.
8 Access control list:
Only Tech subnetwork‘ users ( VLAN 10) of each regions can telnet to its Routers. (configure vty line 0 4) using ACL 10.
- Only VLAN10’user of HeadQuarter region can telnet to routers R1, R2. VLAN10’user of BranchOffice region can telnet to routers R3.