The word doc file has all the instructions in it on what the project is and how it should be done. The Project1.pka file is Cisco Packet Tracer file.
Scenario You are a Network Administrator for a small company A, you have been given the task of configuring the Company A network shown in topology below with RPVST+, port security, DHCP, VLANs and trunking, and routing between VLANs. In addition, you will perform an initial configuration on a switch, secure unused switch ports and secure SVIs (Switch Virtual Interfaces). Addressing Table Device Interface Network Configuration Details Campus G0/1.5 10.10.5.0/24 First address in the network G0/1.10 10.10.10.0/24 First address in the network G0/1.15 10.10.15.0/24 First address in the network G0/1.100 10.10.100.0/24 First address in the network G0/1.199 10.10.199.0/24 First address in the network SW-A SVI 10.10.199.0/24 The last address in the network SW-B SVI 10.10.199.0/24 The second to the last address in the network SW-C SVI 10.10.199.0/24 The third to the last address in the network Admin-A NIC 10.10.100.0/24 Any available address in the network Admin-B NIC 10.10.100.0/24 Any available address in the network Admin-C NIC 10.10.100.0/24 Any available address in the network VLAN Port Assignment Table VLAN Name VLAN Network Device Port 5 sales 10.10.5.0/24 SW-A SW-B SW-C Fa0/5 Fa0/7 Fa0/7 10 prod 10.10.10.0/24 SW-A SW-B SW-C Fa0/10 Fa0/10 Fa0/10 15 acct 10.10.15.0/24 SW-A SW-B SW-C Fa0/15 Fa0/15 Fa0/15 100 admin 10.10.100.0/24 SW-A SW-B SW-C Fa0/24 Fa0/24 Fa0/24 199 manage 10.10.199.0/24 SW-A SW-B SW-C SVI SVI SVI 999 null N/A SW-B All unused ports Instruction Step 1: Configure initial device settings on all Switchs. 1. Configure the host names. The host name must match the value in the table exactly in spelling, case, and punctuation. 2. Prevent the router CLI from attempting to look up mistyped commands as URLs. 3. Configure the message-of-the-day banner as (Unauthorized Access is Prohibited) must match exactly in spelling, case, and punctuation. 4. Configure an encrypted password for Privileged EXEC mode as (class). 5. Protect access to the device console (use password cisco). 6. Prevent IOS status messages from interrupting command line output at the device console. 7. Encrypt all clear text passwords. Step 2: Create and name VLANs On all three switches, create and name the VLANs shown in the VLAN Table. 1. The VLAN names must match the values in the table exactly in spelling, case, and punctuation. 2. Each switch should be configured with all the VLANs shown in the table. Step 3: Assign switch ports to VLANs Using the VLAN table, assign the switch ports to the VLANs you created in Step 3, as follows: 1. All switch ports that you assign to VLANs should be configured to static access mode. 2. All switch ports that you assign to VLANs should be activated. 3. Note that all the unused ports should be disabled and assigned to VLAN 999. Step 4: Configure the SVIs Using the addressing table, create and address the SVIs on all three switches. Configure the switches so that they can connect with remote hosts. Full connectivity will be established after routing between VLANs has been configured later in this assessment. Step 5: Configure Trunking 1. Configure all port interfaces between switches as trunks. 2. Configure trunking on the switch port on SW-A that is connected to router Campus. Step 6: Configure Rapid PVST+ Configure Rapid PVST+ settings as follows. a. Activate Rapid PVST+ and set root priorities. 1. All three switches should be configured to run Rapid PVST+. 2. SW-A should be configured as root primary for VLAN 5 and VLAN 10 using the default primary priority values. 3. SW-A should be configured as root secondary for VLAN 15 and VLAN 100 using the default secondary priority values. 4. SW-C should be configured as root primary for VLAN 15 and VLAN 100 using the default primary priority values. 5. SW-C should be configured as root secondary for VLAN 5 and VLAN 10 using the default secondary priority values. b. Activate PortFast and BPDU Guard on the SW-C switch access ports. 1. Configure PortFast on all access ports that are connected to hosts. This must be configured on the switch ports. Do not use the portfast default form of the command. 2. Activate BPDU Guard on all access ports that are connected to hosts. Step 7: Configure switch security. You are required to complete the following: a. Secure unused switch ports. Following security best practices, do the following on SW-B only: 1. Shutdown all unused switch ports. 2. Configure all unused switch ports as access ports. 3. All unused switch ports should be assigned to VLAN 999. b. Configure port security on all active access ports on the SW-B. do the following on SW-B only: 1. Each switch port should accept only two MAC addresses before a security action occurs. 2. The learned MAC addresses should be recorded in the running configuration. 3. If a security violation occurs, the switch ports should provide notification that a violation has occurred but not place the interface in an err-disabled state. c. On SW-B, configure the virtual terminal lines to accept only SSH connections on the virtual terminal lines. 1. Use a domain name of project1.com. 2. Use a modulus value of 1024. 3. Configure SSH version 2. 4. Configure the vty lines to only accept SSH connections. 5. Configure user-based authentication for SSH connections to the vty lines with a user name of netadmin and a secret password of sshpass1. The user name and password must match the values provided here exactly in case, punctuation, and spelling. Step 8: Configure Router-on-a-Stick Inter-VLAN Routing Configure router Campus to route between VLANs according to the information in the addressing table. · Do not route VLAN 999. Step 9: Configure the router as a DHCP server. Configure three DHCP pools as follows: 1. Create a DHCP pool for hosts on VLAN5 using the pool name vlan5pool. 2. Create a DHCP pool for hosts on VLAN10 using the pool name vlan10pool. 3. Create a DHCP pool for hosts on VLAN15 using the pool name vlan15pool. 4. All VLAN pool names must match the provided values exactly. 5. Exclude the first five addresses from each pool. 6. Configure a DNS server address of 192.0.2.62. 7. Configure the default gateway. 8. Once they have received addresses, the hosts should be able to ping hosts on other networks. Step 10: Configure host addressing 1. Hosts on VLANs 5, 10 and 15 should be configured to receive addresses dynamically over DHCP. 2. Hosts on VLAN 100 should be addressed statically as indicated in the addressing table. 3. Once configured, the hosts should be able to ping hosts on other networks. Step 11:Verify End-to-End Connectivity Step 12: Save and Submit your project 1. Save your configuration in all devices 2. Save the packet tracer file as “first-last.pkt” where first and last are your first and last names. 3. Submit your file before the due date only through the blackboard, fail to submit your file before the due date wont be accepted