Project 4

User Generated

fnnqnyngjv

Engineering

Description

The purpose of this project is to upgrade and configure the network schematic in project 3 as shown below in Figure 1 using GNS3. The network consists of three buildings (Engineering, CEBIS and Montebello) of Morgan State University. Each of the buildings has their own router, switch and hosts. The configuration of the network is summarized in the table below. Figure 1 expands the network topology in Project3 to have an Inside Network, Demilitarized Zone (DMZ) and an Outside Network.

Unformatted Attachment Preview

EEGR410: Introduction to Networks /Fall 2017 Final Project__ 1. Project Description The purpose of this project is to upgrade and configure the network schematic in project 3 as shown below in Figure 1 using GNS3. The network consists of three buildings (Engineering, CEBIS and Montebello) of Morgan State University. Each of the buildings has their own router, switch and hosts. The configuration of the network is summarized in the table below. Figure 1 expands the network topology in Project3 to have an Inside Network, Demilitarized Zone (DMZ) and an Outside Network. Inside Network: It consists the network connected to the e0 (GigabitEthernet 0) of the Firewall (FW). And it is the most trusted network by the FW. DMZ Network: It consists of the network connected to the e2 (GigabitEthernet 2) of the FW. This network is accessible to the inside network and the outside network. Outside Network: It consists the network connected to the e1 (GigabitEthernet 0) of the Firewall (FW). And it is the least trusted network by the FW. Figure 1: Network Diagram using Microsoft Visio® BUILDING PC ROUTER ENGINEERING 10.1.1.1 Fa0/0: 10.1.1.251 255.255.255.0 S0/0: 10.1.128.251 gateway 10.1.1.251 S0/1: 10.1.130.251 10.1.3.1 Fa0/0: 10.1.3.253 255.255.255.0 S0/0: 10.1.130.253 gateway 10.1.3.253 S0/1: 10.1.129.253 10.1.2.1 Fa0/0: 10.1.2.252 255.255.255.0 S0/0: 10.1.128.252 gateway 10.1.2.252 S0/1: 10.1.129.252 CBEIS MONTEBELLO Edge Router Fa0/0: 192.168.2.1/30 Fa0/1: 202.2.2.2/24 DMZ Router 192.168.2.10 Fa0/0:192.168.2.5/30 255.255.255.252 Fa0/1:192.168.2.9/30 Gateway 192.168.2.9 Firewall Gi0/0:10.0.0.2/30 Gi0/1:192.168.2.2/30 Gi0/2: 192.168.2.6/30 Table 1: IP Address Assignment Configuring the Routers: The configuration commands for the routers are the same as the ones in Project 3. But for a network traffic not intended to the outside network beyond the edge router, you need to configure a default route at the Edge router. Configuring the Firewall: The FW is configured the same as the routers for both the interface IP address assignment and routing protocols. But you need to configure security-level of the connected network at each interface and access lists to name a few. -command for creating a FLASH for the FW which is imported into the hda (should be executed at the Linux terminal) $qemu-img create FLASH 512M (watch the video !!) -FW configuration settings : recommended values ram = 1024 netcard = e1000 options = -icount auto -hdachs 980,16,32 -vga none initrd = D:\GNS3-Common\Images\asa842-initrd.gz kernel = D:\GNS3-Common\Images\asa842-vmlinuz kernel_cmdline = ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536 no-hlt Note: The Firewall will not allow you a ping command to its interface.  Create an access list at the FW to enable the 10.1.1.0/24 network to be able to execute the icmp echo (which enables you to perform ping command).  Ping one of the interfaces of the FW and show the screen shot of the output. This is should be done from PC1 which is the 10.1.1.0/24 sub network.  Ping again the FW interface from a PC from a different subnetwork such as Montebello and show the screen shot of the output and compare the results with the previous result.  Show the screenshot of the running config of the Firewall. Configuring the Cloud: To enable connectivity to the internet or the outside network beyond the Edge router, the cloud must be connected to the host computer internet connectivity. -command for setting up the IP address of the Cloud interface connected to Edge router. It should be executed from the terminal.  Ping the edge router interface (202.2.2.2) from the Linux terminal and show the screen shot of the output. If you succeed, you should be able to ping it.  Similarly, ping the cloud interface (202.2.2.5) from the Edge_R and show the screenshot of the output.  Use the “ifconfig” command from the Linux terminal to show the Cloud interface is added as tap0.  Show the screenshot of the output of the “show ip route” from the Engineering, Montebello, DMZ and Edge routers. Also “show route” on the FW to get the route. Explain the results.  Type from PC1 terminal the command trace 202.2.2.2. Show and explain in detail each entry of the output. Note: trace command corresponds to tracert in the case of routers.  Discuss the purpose of a network design with DMZ.  The DMZ design considered here is a basic on a.k.a three-legged Firewall. Considering a multiple Firewall DMZ design, show your new DMZ schematics together with the placement of the public accessible servers.  Devices in the inside network of MSU are assigned private IP addresses. As a result, the IP address of any inside host trying to reach the outside network (e.g browsing the internet) should be translated to MSU public IP address. Explain how Network Address Translation (NAT) works and explain how it can be applied for the above network.  Similar to Question #10 of Project 3. Consider a user at PC1 and types www.google.com. Describe the journey of the web request packet in details as it traverses the network devices. You should be able to apply the concepts of encapsulation/ decapsulation as the packet traverses the TCP/IP layer, packet processing and forwarding at the network devices, Network Address Translation (NAT) and Domain Name Server (DNS). Expected Network Diag, PC5 and PC6 are added for troubleshooting (not mandatory) Deliverables: -Your network topology diagram (gns3 file) in *.zip format. Don’t forget to save your running configuration to start up configuration (if you don’t do so, you will lose all the configurations during the next startup). You can also export and save them in your working directory. -a report showing the screen shots of each of the steps followed during configuration accompanied by explanation. -an explanation of the questions together with their corresponding screen shots and the screen shot of the final Network diagram. Note: your project report should be a single *.pdf file of the report and grading will take into account project report theoretical explanation, format, clarity, originality, grammar and a detail explanation of the procedures together with their screen shots if there are any ! Helpful Materials to accomplish this work: 1. Configuring the Cloud https://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-gns3-ethernet-niocloud http://websistent.com/how-to-connect-gns3-to-the-internet/ 2. Configuring the Firewall http://forum.gns3.net/topic9476.html http://www.tech21century.com/how-to-configure-eigrp-on-a-cisco-asa-firewall/ http://commonerrors.blogspot.com/2011/06/please-configure-asa-gns3-asa.html https://networkinferno.net/routing-to-a-wall-of-fire
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Kindly find the lab report.

Surname1

Student’s Name
Instructor’s Name
Course
Date

Surname2

Introduction to networks project 4
The aim of this project is to upgrade and configure a network schematic of three buildings; Engineering,
CBEIS and Montebello.
Requirements
Item
Workgroup switch
Router
Communication link
PC
Server
Cloud
Firew...


Anonymous
I was having a hard time with this subject, and this was a great help.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags