Reference no: EM132240610
Assessment Description,
Project Background
The parent company Sun-Networks recently purchased another company running OSPF and would like to keep the infrastructure as it is, without modifying to avoid major impact, utilising your Cisco expertise to integrate both Parent and sister concern, by redistributing the learned subnets by the Cisco protocols.
As part of this work undertaken by you as a third party for the integration, you must specify every task that you have done briefly describing it and producing the VERIFICATION OUTPUTS (Show commands and TROUBLESHOOTING OUTPUTS (debug commands) where necessary.
Example: VPN between 192.168.3.0 and 192.168.4.0
What is IPSec VPN - Brief in 50-80 words?
Verification: Sh crypto ipsec sa, Sh crypto isakmp sa etc.
Trouble shooting: debug crypto ipsec, debug crypto? For more commands
1. Create the transform set VPN-SET to use esp-aes 256 and esp-sha-hmac. Then create the crypto map CMAP that binds all of the Phase 2 parameters together. Use sequence number 10 and identify it as an ipsecAsakmp map.
Use the following parameters:
a. Transform set: VPN-SET
b. Transform encryption: esp-aes 256
c. Transform authentication: esp-sha-hmac
b. Perfect Forward Secrecy (PFS): group5
c. Crypto map name: CMAP
d. SA establishment: ipsec4sakmp
e. Bind the crypto map (CMAP) to the outgoing interface.
NOTE: Verify that the Security Technology package license is enabled? Repeat the site-to-site VPN configurations on R4 so that they mirror all configurations from Router2 (as per the current diagram).
2. Ensure both EIGRP and OSPF network nodes should access Internet via RI
3. Ensure 172.16.101.1/29 is providing DHCP addresses for the N./LANs 21-24
4. Configure VLANs and Root bridge
VLAN ports for both B1SW1 and B1SW2
a. VLAN 21- Port 1 -4 Subset 192.168.2.0/27 (DHCP IP allocation for PC's)
b. VLAN 22 - Port 5 - 8 Subset 192.168.2,64/27 (DHCP IP allocation for PC's)
c. VLAN 23 - Port 10 - 14 S11,92.168.2.96/28 (DHCP IP allocation for PC's)
d. VLAN 24 - Port 15 -18 Subset 192:168.2.128/27 (DHCP IP allocation for PC's)
e. VLAN 98 is Management and NATIVE VLAN-Subset 192.168.98.0/29
Managing Spanning Tree
a. B1SW3 is Root Bridge
b. B1SW2 is Secary Root Bridge
Managing VTP
b. VIP Domain name P2VTP.com
c. VTP Password: projectvtppa55
Switch port Security
a. Ensure Switch port security Is enabled in all VLAN based switches
b. Max MAC addresses allowed are 2
c. Ensure the MAC addresses are automatically observed and registered
d. Switch port violation should shut down the ports
e. DISABLE all unused ports