关于算法:INFT-3019网络架构

28次阅读

共计 9997 个字符,预计需要花费 25 分钟才能阅读完成。

INFT 3019 Network Architecture 2022
Assignment 2: Wireless Implementation (25%)
Due: Tuesday 14th June 2022 @ 11:59 PM
(Week 14)
Individual Assignment
Submission: via the course website

Overview
Stelmaria Incorporated has finally finished moving their headquarters to Mawson Lakes Tech Park
and now want to upgrade their wireless infrastructure from a standard WPA2 PSK setup to a more
enterprise solution with Wireless LAN Controllers (WLCs) and WPA2 Enterprise. They are also looking
to learn more about WAN connections that are available to the company to enhance their
interconnectivity between branch offices. They will also be looking at implementing more WAN links,
currently Stelmaria has a reliance on Mawson Lakes Tech Park to route all traffic from all branch
offices to the ISP and back to the branch offices. Stelmaria is looking for other options that give
redundancy and scalability for branch offices and its headquarters.
In this assignment you will be making use of the skills you have learnt over the entire course to
create an IP addressing scheme, a network implementation with wireless and recommend a WAN
solution for Stelmaria that meets their needs as a growing enterprise.
Deliverables
You will be required to complete four deliverables and include them in your submission:
IP addressing scheme (Excel Spreadsheet or Word Document/PDF).
Test documentation (Excel Spreadsheet or Word Document/PDF).
Completed network configuration (Packet Tracer file).
Recommended WAN solution, justifications, and assumptions (Word Document/PDF).
Do not add these deliverables to a ZIP archive on submission. Submit them as separate files.
Weighting
The assignment is worth 25% of your overall grade for this course. The following table breaks down
each component of the assignment, giving it a percentage out of the 25% for this assignment. The
Implementation is worth 17% and the WAN solution is worth 8%
IP addressing scheme 2.5%
Basic configuration 1%
VLANs & VTP 1%
IP addressing implementation 1%
OSPF & Routing 3%
DHCP 2%
NAT 2%
Wireless 3.5%
Testing 1%
4/04/2022 v1.0
WAN Solution 8%

Configuration Guide
Below you will find some helpful steps to follow in order to assist you with configuring the network.
You may find that you do not want to do the steps in the order they are presented in, the order is up
to you to determine. The configuration is complete when all steps have been completed in the order
presented, or your own order.
To start, download the associated Packet Tracer file available on Learnonline. This includes the
devices and the layout of the network along with all connections already completed. See Figure 1 for
an overview of the supplied Packet Tracer file.

Figure 1 – Stelmaria Network Overview

Step 1 – IP addressing scheme.
? This must be done before you start. If the IP addressing scheme documentation is not
included in your submission you will get zero for this section.
? Your IP addressing scheme must include an IP assignment table. See your practicals for an
example of this type of table.
Use 10.0.0.0/8 for internal addressing:
o The second octet represents the location (1 = Tech Park (HQ), 2 = Kensington, 3 =
Adelaide CBD, 255 = other IP addressing).
o The third octet represents the VLAN.
o The fourth octet represents the hosts.
4/04/2022 v1.0
o For example, 10.2.50.5: 2 = Kensington, 50 = VLAN ID, 5 = Host.
Step 2 – Implement basic configuration.
On switches and routers perform the following:
Set hostnames and domain name (stelmaria.com.au)
Disable IP domain lookup.
Configure enable password (“class”).
Configure password for console (“cisco”).
Configure a user account named“admin”with password“cisco”.
Create RSA key.
Configure password for VTY (“cisco”) and only allow SSH connections.
Encrypt all passwords.
Step 3 – Implement VLANs & VTP.
VLANs are implemented as groups of devices, one per group. For example: management –
for switch management VLAN, Servers, HR, Auditing, Wi-Fi and so on.
Configure the distribution switch in Tech Park with the VLANs and set it as VTP server and
the access switches as VTP clients.
Configure the access switch in Adelaide and the access switch in Kensington with the VLANs.
Configure access ports to be in the correct VLAN.
Shut down all unused ports and move them into a blackhole/unused VLAN.
Configure management SVI’s on each switch.
Configure trunk links as appropriate and change the native VLAN.
Step 4 – Implement IP addressing.
Configure each interface with their IP address information according to your scheme.
Configure sub-interfaces on the Adelaide and Kensington router and SVIs on the distribution
switch in Tech Park.
The ISP router already has the IP address configured on the serial link to Tech Park. The Tech
Park link to the ISP has not been configured.
Use private IP addresses for the WAN links between locations excluding the ISP.
End devices (PC, laptop, tablet, camera) should not have IP addressing assigned because
they will get their IP addresses through DHCP.
Configure static IP addresses for the servers and printers as well as the Admin PCs. Admin
PCs should be placed into the Management VLAN.
Admin PCs can be used to test the management VLAN through SSHing to switches to
manage them.
Step 5 – Implement OSPF and routing.
Configure OSPF on the 3 routers (Tech Park, Adelaide, and Kensington). DO NOT configure
OSPF on the ISP router.
Configure OSPF on the distribution switch in Tech Park.
Configure default routes as appropriate. Use default route propagation where possible.
Step 6 – Implement DHCP.
DHCP is done from the distribution switch in Tech Park to every device in the network.
Configure your DHCP pools according to your subnets defined in Step 1.
4/04/2022 v1.0
Configure a DHCP pool for Wi-Fi devices in each location.
Configure excluded addresses to ensure no IP conflicts occur.
Configure the IP helper address in the Adelaide and Kensington locations so devices there
can receive their IP addressing information from the distribution switch in Tech Park.
Configure all end devices (excluding printers and servers) to obtain their IP addressing
information through DHCP.
Step 7 – Implement NAT.
Packets destined for the ISP must be passed through NAT to avoid leaking private IP
addresses to the ISP. Use the external IP address of the network (209.162.125.10) and
implement PAT.
Add a static NAT for the file server in Tech Park using the IP address 209.162.125.12.
Ensure all traffic coming from the Internet cannot access any internal end device (only the
file server in Tech Park using the external IP address above).
Step 8 – Implement Wireless Network.
Add a WLC-2504 to your network and attach it to the appropriate switch in each location (3
WLCs in total).
Ensure the management network is configured on the“Configure”tab, use the management
VLAN and assign it to an appropriate IP address.
Set up AAA (RADIUS) on the Auth Server (“Services”tab) in each location. Use an
appropriate secret and add a test user to the database.
Use the Admin PC’s browser to configure the WLC.
Create a WPA2 Enterprise network in each location with SSID“Stelmaria Staff –”,
replace“”with an appropriate value.
Add a LAP-PT (Lightweight Access Point) and connect it to the appropriate switch in each
location. The IP address for the LAP-PT (see the“Configure”tab) should be DHCP.
Create a new DHCP pool for management on the Router/L3 Switch in each location, set
option 150 to the IP address of the WLC management interface.
Verify that the AP has an IP address assigned to it.
Configure an AP group named“Stelmaria-Wireless-”, add the“Stelmaria Staff –
”WLAN and the created AP to the group.
Add a tablet and smart phone in each location and configure wireless settings to connect
appropriately.
Step 9 – Verify the network connectivity.
The ISP server can be used to test the network connectivity (192.168.1.2). Use it to
effectively test the network and server access.
You can also use the Admin PCs to test the management VLANs and SSH connectivity to
switches.
Your tests should demonstrate the NAT, DHCP and Wireless features of the network, along
with general connectivity.
Tests should be documented and included in your submission. If no testing is documented,
you will receive zero for this section.
It is recommended to test at the end of each step to ensure configuration is working before
proceeding to the next step.
Tests should be documented in a table like the following:
4/04/2022 v1.0
Test Name Source Destination Result Expected Result Reason
Ping from ISP
Server to HR
PC
ISP Server HR PC Fail Fail Cannot access
because it is
an internal
device.

WAN Solution
As a part of your submission, you need to include a recommended WAN solution for connecting
branch offices to the Internet (currently through the HQ) that is scalable, redundant, and cost-
effective. You need to research WAN solutions available in Adelaide that are suitable to a medium
enterprise and write a recommendation report for Stelmaria to consider. Consider proposing
multiple options (with diagrams for each) so that Stelmaria can choose the most appropriate one for
them. You may also like to include backup technologies such as cellular network access if all WAN
links are unavailable.
You do not need to find prices from Internet Service Providers, use the knowledge gained from the
WAN week to judge whether the solution would be expensive or reasonable.
You will be marked on how relevant the WAN technology is, how suitable it is for Stelmaria and
whether it is justified appropriately in your report. You will also be marked on your proposal quality
(spelling, grammar, flow, references and so on). There is no defined length for this report, nor page
count. It is expected that it is of high quality if you wish to achieve a High Distinction.
Academic Integrity
You are warned that the University’s policies on academic integrity will be strictly adhered to. This is
an individual assignment and the work you submit must be entirely your own: no part of your
submission can be anybody else’s work or work that you did together with another student or
students. You must not make your work available to another student. All use of outside assistance,
e.g.,“essay farms”on the Web or work written for you by a friend, is strictly forbidden and will
attract a minimum penalty of zero for the assignment. To defend yourself in the case of any
suspicion of academic misconduct, you are strongly urged to retain all evidence of how you
developed your assignment, such as rough work sheets, notes, drafts, copies of reference material,
minutes of meetings etc.
You are free to discuss the report with others, and to give and receive help, including references and
general discussion of the main arguments and conclusions, as long as the text of your report is
written by yourself and is not made available to others. Your submission will be subject to
automated checks for plagiarism, including, but not limited to, Turnitin.
If you have any doubts about the academic integrity requirements, please discuss them with us.
Refer to the University’s academic integrity policy for further information.
Extension to Assessment Task Deadlines
There will be NO extensions to the assessment task deadline unless arranged prior. If you submit the
assignment late for whatever reason, the late penalty described below will apply. If for some reason
you need to take extended leave from this course, such as jury duty or Defence Force leave, please
4/04/2022 v1.0
see the course coordinator BEFORE taking such leave otherwise no extensions will be granted.
Extension requests must be submitted through the Learnonline site.
Late Submissions
If you submit your assignment after the specified deadline without a pre-arranged extension, a
penalty of 20% of the total mark per day (including Saturday and Sunday) will be incurred. For
example, if you are 2 days late and you are awarded 10/15 your actual mark will be 7/15.

正文完
 0