Answer Happy

The purpose of this group/individual project is to demonstrate that you can transfer the skills you have learned this semester to a real life scenario. You will create a fully functional network for a company of your own creation with the following requirements: • One headquarters with at least 2 branch offices • For the first branch, implement EtherChannel • For the second branch, implement a FHRP or WLAN using a WLC and LWAPS Implement at least 4 VLANs per site Implement PortFast and BPDU Guard for all end devices Implement subnetting for all LANs and WANS o Make sure to use a subnet that will not waste unnecessary addresses on the WAN Implement static routing o Static routes for all your networks Static routes will also be used for backup or gateway of last resort purposes Save all configurations You will use Packet Tracer to implement the network. All network equipment will be fully configured and properly secured. If you will be using a local database for access, include a username and password that I can use to access your network in the network documentation. - All lines (console and VTY) properly secured Use SSH rather than Telnet - Display warnings on all intermediary devices Interfaces on switches (key interfaces only) and routers (LAN & WAN connections) fully configured with descriptions Interfaces with end devices configured with PortFast and BPDU Guard Implement EtherChannel for first branch Implement a First Hop Redundancy Protocol or WLAN using a WLC and LAPs for the second branch Have at least one server in your Headquarters and implement port security for its interface o Use sticky secure MACS o Shutdown violation mode Maximum of 1 MAC VLAN configuration Minimum of 4 VLANs per LAN o Native VLAN for trunking purposes and Management VLAN for network devices and configuration purposes (ie: IT staff) is required Implement DHCP using a router for at least one VLAN Routing configuration o Implement static routing Static route for backup purposes (floating static route) or to establish and propagate a Gateway of Last Resort (default static route) o

b. Edit the management interface (Controller, Interfaces) to add the IP of the WLC in the "Primary DHCP Sever" field (click Apply) C. Setup the DHCP Scope in the WLC (Controller, Internal DHCP Server, DHCP Scope) i. Create a new Scope by clicking "New" 10. Complete AP setup a. Make sure the port on the switch that is connected to the AP is set as trunk, with proper native vlan b. In the AP settings, change to DHCP 11. Test wireless LAN by adding a laptop a. Connect the laptop to wireless using the password you setup in Step 8 b. Laptop should get IP configuration from the DHCP pool in the router 12. Setup is complete, all devices should be able to ping each other e 1. Plan a. Plan IP network addresses and subnet for different VLANs (3 total: management, wired, wireless. Remember you do not assign a network number to the native VLAN) b. Plan VLAN tag (number) and VLAN name for all VLANS (4 total: native, management, wired, wireless) C. Document all the IPs you will use for all devices (router, switch, WLC, PCs) d. Will need to setup VLANs in switch (4 total) e. Will need a router to handle routing between VLANs (router on a stick) f. Will need a DHCP scope to give out IPs to wireless clients (to be setup in router) 2. Use 3504 WLC and 3702 LAP (lightweight AP) 3. Cable and assign IP configuration to PCs and WLC (management IP) 4. Setup Switch: a. Setup VLANs (total 4) b. Setup access ports/vlan for wired computers C. Setup trunk ports for WLC and AP with native = management (this sounds wrong, but it is necessary because the WLC and APs do not tag their management traffic by default) d. Setup the trunk on the port that is connected to router with the real native interface e. Setup management interface and default gateway on Switch 5. Setup router a. Setup router on a stick in router to allow routing between different VLANS. You need a subinterface for each of the VLANs you planned (total 3: management, wired, wireless. Remember you do not need a subinterface for the native VLAN). b. Setup DHCP pool for wireless LAN (remember to exclude the IP you already used for the subinterface) 6. Make sure computer can ping WLC 7. Initial configuration of WLC: a. From computer, go to initial configuration using browser. Initial configuration will NOT use https b. Follow the steps given during lecture C. MAKE SURE YOU LEAVE THE MANAGEMENT VLAN ID AS O d. WLC will reboot, wait until computer can ping WLC again e. After initial configuration you will need to use https to access WLC 8. Setup new WLAN in WLC: a. Create an interface for new wireless LAN (Controller, Interfaces) b. Create new WLAN (WLAN) i. MAKE SURE YOU ENABLE THE WLAN! ii. Set the interface to the one created in the previous step ili. Security: WPA+WPA2 Select WPA policy Enable PSK: this is where you type the password the clients will use to connect to this wireless LAN iv. Advanced: select both FlexConnect options 9. Setup AP management in WLC a. The WLC needs to be setup as a DHCP server for APs . a

VLAN TABLE VLAN *** PLEASE NOTE *** Use a site by site approach. (ie... HQ, Branch 1 and Branch 2 worksheets with all info) Use an addressing table approach. (ie... VLANs, Subnets, Addressing Table with info for each site) 10 20 30 Future Future 100 88 99 Description Subnet DG Administrative 192.168.10.0 192.168.10.1 Staff 192.168.10.32 192.168.10.33 Lab_PCS 192.168.10.64 192.168.10.65 Future 192.168.10.96 192.168.10.97 Future 192.168.10.128 192.168.10.129 Guests (wifi, comr 192.168.10.160 192.168.10.161 Management 192.168.10.192 192.168.10.193 Native 192.168.10.224 192.168.10.225 Given Network: 192.168.10.0/24 Subnets: 6 Hosts: : 30 New Network SM: 192.168.0.0/27 SUBNETTING TABLE Subnet Network Address First IP/DG Last IP Broadcast SO 192.168.10.0 192.168.10.1 192.168.10.30 192.168.10.31 S1 192.168.10.32 192.168.10.33 192.168.10.62 192.168.10.63 S2 192.168.10.64 192.168.10.65 192.168.10.94 192.168.10.95 S3 192.168.10.96 192.168.10.97 192.168.10.126 192.168.10.127 S4 192.168.10.128 192.168.10.129 192.168.10.158 192.168.10.159 S5 192.168.10.160 192.168.10.161 192.168.10.190 192.168.10.191 S6 192.168.10.192 192.168.10.193 192.168.10.222 192.168.10.223 S7 192.168.10.224 192.168.10.225 192.168.10.254 192.168.10.255 ADDRESSING TABLE Device Interface GO/0.10 G0/0.20 GO/0.30 GO/0.88 HO GO/0.99 GO/0.100 SO/0/0 /0 so/0/1 HQ-Sw1 VLAN 88 PC-1 NIC PC-2 NIC PC-3 NIC IP Address Subnet Mask Default Gateway 192.168.10.1 255.255.255.224 n/a 192.168.10.33 255.255.255.224 n/a 192.168.10.65 255.255.255.224 n/a 192.168.10.161 255.255.255.224 n/a 192.168.10.193 255.255.255.224 n/a 192.168.10.225 255.255.255.224 n/a 172.16.0.1 255.255.255.252 n/a 172.16.0.5 255.255.255.252 n/a 192.168.10.194 255.255.255.224 192.168.10.193 192.168.10.30 255.255.255.224 192.168.10.1 192.168.10.62 255.255.255.224 192.168.10.33 192.168.10.94 255.255.255.224 192.168.10.65