assignment 1 & 2 of nt1
TRANSCRIPT
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Table of Contents
Introduction to wireless LAN topologies 2
Network 1: Ad hoc 4
Pictorial view 4
Topology map 5
Screen shots 5
State Diagram 9
Network 2: Infrastructure 10
Topology map 10
State Diagram 12
Network 3: using access point and switch 13
Topology map 14
State diagram 15
Comments 17
Network 4: PIX Firewall 17
Topology 18
State Diagram 19
Appendix A: Configurations for network 1 20
Appendix B: Configurations for network 2 22
Appendix C: Configurations for network 3 26
Appendix D: Configurations for network 4 44
Veer Partap Singh 1(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Introduction to wireless LAN topologies
In wireless LAN we have the option of deploying three types of WLAN topologies:
Independent basic service sets (IBSSs)
Basic service sets (BSSs)
Extended service sets (ESSs)
A service set is a logical grouping of devices. WLANs provide network access by broadcasting a signal across a wireless radio
frequency (RF) carrier. A receiving station can be within range of a number of transmitters. The transmitter prefaces its transmissions
with a service set identifier (SSID). The receiver uses the SSID to filter through the received signals and locate the one it wants to
listen to.
IBSS
An IBSS consists of a group of 802.11 stations communicating directly with one another. An
IBSS is also referred to as an ad-hoc network because it is essentially a simple peer-to-peer
WLAN.
BSS
A BSS is a group of 802.11 stations communicating with one another. A BSS requires a specialized station known as an access point
(AP). The AP is the central point of communications for all stations in a BSS. The client stations do not communicate directly
other client stations. Rather, they communicate with the AP, and the AP forwards the frames to the destination stations. The AP might
be equipped with an uplink port that connects the BSS to a wired network (for example, an Ethernet uplink). Because of this
requirement, a BSS is also referred to as an infrastructure BSS.
Veer Partap Singh 2(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
ESS
Multiple infrastructure BSSs can be connected via their uplink interfaces. In the world of 802.11, the uplink interface connects the
BSS to the distribution system (DS). The collection of BSSs interconnected via the DS is known as the ESS.
Veer Partap Singh 3(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Network 1: Ad hoc
An ad hoc or independent basic service set (IBSS) network is created when individual client devices form a self-contained network
without the use of an access point. There is no standards-based limit as to the number of devices that can be in an IBSS. But because
every device is a client, often, certain members of the IBSS cannot talk to each other because of the hidden node issue. In spite of this,
there is no mechanism for a relay function in an IBSS. Because no access point is in an IBSS, timing is controlled in a distributed
manner. An Ad hoc WLAN can be shown as follows:
Pictorial view
(Khan, 2004)
Veer Partap Singh 4(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Topology Map:
Screen Shots
Network Name: As with any network there should be a unique identifier. Service set Identifier (SSID) is used by client to identify
the network. In this experiment I have given SSID group1 on 4 wireless adapters. As shown in the following screen shot.
Veer Partap Singh 5(2040589)
PC 1
PC 3
PC 2PC 4
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Following networks are used for four adapters:
192.168.1.1
192.168.1.2
Veer Partap Singh 6(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
192.168.1.3
192.168.1.4 And the SNM is same for everyone 255.255.255.0
IPTV server is installed on one of the machine and rests of 3 adapters are installed with IPTV Client. From the server, allow the
different program for multicasting out of 6 one-by-one. It is observed that 3 programs are running successfully at different data
rate like 500 kbps, 1.6 Mbps, 1.4 Mbps.
Veer Partap Singh 7(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Above screen shots are showing the fact that 3 programs are running successfully.
Comments for Network 1
For Adhoc networks to work in wireless network, SSID should be same. Here in this case SSID is Group 1. Multicasting was
happening without any problem up to three programs. Both of these programs were tried on all the bandwidths available.
Veer Partap Singh 8(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
State Diagram :Adhoc network
Veer Partap Singh 9(2040589)
Interface IP address
Wireless NIC 1 192.168.1.1/24
Group Video IP 239.255.12.189
Video MAC 01.00.5E.7f.0C.BD
Group Audio IP 239.255.233.213
Audio MAC 01.00.5E.7f.E9.D5
Interface IP address
Wireless NIC 2 192.168.1.2/24
Group Video IP 239.255.12.189
Video MAC 01.00.5E.7f.0C.BD
Group Audio IP 239.255.233.213
Interface Wireless NIC
SSID Group1
Network Ad hoc
Encryption None
MAC 00-40-96-A6-7D-F0
Interface Wireless NIC
SSID Group1
Interface Wireless NIC
SSID Group1
Network Ad hoc
Authentication None
Encryption None
AP authentication Open
MAC 00-40-96-A6-7D-33
NIC 802.11aPower level 20mWChannel Frequency
36 (5180MHz)
Data rate AutoPower save mode
Constantly Awake Mode (CAM)
NIC 802.11aPower level 20mWChannel Frequency
36 (5180MHz)
PC2 IP/TV Client – Business TVPC 1 IP/TV Server – Business TV
Layer 3:NetworkLayer
Layer 2:Data LinkLayer
Layer 1:PhysicalLayer
Layer 3:NetworkLayer
Layer 2:Data LinkLayer
Layer 1:PhysicalLayer
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Network 2: Using Wireless Access Point
This type of network is called Basic Service Set (BSS). A Basic Service Set is a group of wireless stations communicating with one
another. A BSS requires a specialized station known as an access point (AP). The AP is the central point of communications for all
stations in a BSS. The client stations do not communicate directly other client stations. Rather, they communicate with the AP, and the
AP forwards the frames to the destination stations. The AP might be equipped with an uplink port that connects the BSS to a wired
network (for example, an Ethernet uplink). Because of this requirement, a BSS is also referred to as an infrastructure BSS.
Topology Map
Veer Partap Singh 10(2040589)
PC 1 PC 2 PC 3
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Access Point
AP operates within a specific frequency spectrum and uses an 802.11 standard modulation technique. It also informs the wireless
clients of its availability and authenticates and associates wireless clients to the wireless network. An AP also coordinates the wireless
clients' use of wired resources. It should be noted that there are several kinds of APs, including single radio and multiple radios, based
on different 802.11 technologies. In simple words, Access Point is the central communication point for wireless network users. It can
link wired and wireless networks together. It can also be connected together to let wireless users roam between APs without
interruption. AP can provide enterprise level security, monitoring, and manageability.
State diagram of Network 2
Veer Partap Singh 11(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Veer Partap Singh 12(2040589)
Interface IP address
Wireless NIC 2 192.168.1.2/24
Group Video IP 239.255.12.189
Video MAC 01.00.5E.7f.0C.BD
Group Audio IP 239.255.233.213Interface IP address
Wireless NIC 1 192.168.1.1/24
Group Video IP 239.255.12.189
Video MAC 01.00.5E.7f.0C.BD
Group Audio IP 239.255.233.213
Audio MAC 01.00.5E.7f.E9.D5
Interface Wireless NIC
SSID Group1
Network Infrastructure
Encryption None
MAC 00-40-96-A6-7D-F0
Interface Wireless NIC
SSID Group1Interface Wireless NIC
SSID Group1
Network Infrastructure
Authentication None
Encryption None
AP authentication Open
MAC 00-40-96-A6-7D-33
NIC 802.11aPower level 20mWChannel Frequency
36 (5180MHz)
NIC 802.11aPower level 20mWChannel Frequency
36 (5180MHz)
Data rate AutoPower save mode
Constantly Awake Mode (CAM)
MAC IP Device Name Parent State
004096A67D33 192.168.1.1
Self Assoc
0040.96a6.7df0 192.168.1.2
Self Assoc
Interface dot11radio1
SSID Group1
Authentication Open
PC 1 IP/TV Server – Business TV
Layer 3:NetworkLayer
Layer 2:Data LinkLayer
Layer 1:PhysicalLayer
Layer 2:Data LinkLayer
Layer 1:Physical
Access Point (AP)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Network 3
This is infrastructure network and it uses wireless access point and one switch. Here two multicast servers are attached to a
switch and this switch is connected to a wireless access point. This is further attached with two clients. Two VLANs are used.
Veer Partap Singh 13(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Topology for Network 3:
Veer Partap Singh 14(2040589)
Multicast serverVLAN 1
IP 192.168.1.4
Multicast clientVLAN 2
IP 192.168.1.3
Multicast clientVLAN 1
IP 192.168.1.5
Multicast serverVLAN 2
IP 192.168.1.2
AP
SWITCH
VLAN 10 VLAN 20
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Veer Partap Singh 15(2040589)
Interface Ethernet 0IP 192.168.1.5SSID Group1Network InfrastructureAuthentication OpenMAC 0040.96a6.7d64
Interface Wireless NICIP 192.168.1.3SSID Group 1Network InfrastructureAuthentication OpenMAC 0040.96a6.7df0
MAC IP Device Name Parent State
0040.96a6.7df0 192.168.1.3
CB21AG/PI2IAG 134WK-1B
Self Assoc
0040.96a6.7d64 192.168.1.5
CB21AG/PI2IAG 134WK-1B
Self Assoc
Interface dot11radio1SSIDNetwork InfrastructureAuthentication OpenBridge group 1MAC 0011.20ee.d2c0
Interface dot11radio1.10SSID Groupvlan10Network InfrastructureAuthentication OpenEncapsulation 802.1qMAC 0011.20ee.d2c0Bridge group 10
VLAN 10
Interface dot11radio1.20SSID Groupvlan20Network InfrastructureAuthentication OpenEncapsulation 802.1qMAC 0011.20ee.d2c0Bridge group 20
VLAN 20Interface Ethernet 0IP MAC 0013.1a32.9735
Interface Ethernet 0.10 MAC 0013.1a32.9735Encapsulation 802.1.qVLAN 10Bridge group 10
Interface Ethernet 0.20 MAC 0013.1a32.9735Encapsulation 802.1.qVLAN 20Bridge group 20
Access Point
Switch CAT 1
Access Point
Assignments 1 & 2 Network Technology 1 Unit CSG5135
VLAN MAC address Type Interface10 0002.557a.8125 DYNAMIC Fa0/110 0040.96a6.7df0 DYNAMIC Fa0/320 0002.5573.0840 DYNAMIC Fa0/220 0040.96a6.7d64 DYNAMIC Fa0/31 0011.20ee.d2c0 DYNAMIC Fa0/31 0013.1a32.9735 DYNAMIC Fa0/3
Veer Partap Singh 16(2040589)
Interface Ethernet 0.10
Encapsulation 802.1q
Status Trunking
Native VLAN 1
Allow VLAN 1-4894
Interface Ethernet 0.10
Encapsulation 802.1q
Status Non Trunk
Native VLAN 1
Allow VLAN 10
Interface Ethernet 0.20
Encapsulation 802.1q
Status Non Trunk
Native VLAN 1
Allow VLAN 20
Interface Cable NICIP 192.168.1.4
PC 1
PC 4
PC 3
PC 2
PC 5
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Comment
The multicast server can transmit all of the 6 multicast streams at one time, but the client can only display 3 multicast programmes
without any interruption with minimum use of CPU. Multicast stream is only received by client belonging to particular vlan
Network 4 Wireless Access Point and PIX firewall
As one of the first technologies employed to protect networks from unauthorized access, the firewall has come to exemplify network
security.While an overall security strategy requires the harmonious integration of people, process, and technology to reduce risk, there
is no doubt that firewalls can be a very valuable security tool when properly implemented. Today, the use of firewalls has become
such an accepted practice that their deployment in one fashion or another is virtually a foregone conclusion when designing and
building networks. Recognizing this need, Cisco Systems has developed and continues to improve upon its line of PIX firewalls.
These systems have steadily gained market leadership by demonstrating an excellent mix of functionality, performance, and
flexibility. Firewalls have become increasingly sophisticated devices as the technology has matured. At its most basic level, a firewall
is intended to enforce a security policy governing the network traffic that passes through it. To this basic functionality, Cisco has
added many features such as network address translation (NAT), virtual private networks (VPN), and redundant architectures for high
availability. Management systems are typically installed along with the firewall to assist with monitoring and administrating the
device. A maxim of IT security is that technology is only as effective as the people responsible for its operation. Therefore, it is
extremely important for the technical staff managing PIX firewalls to understand the technical functionality of these devices, as this
will result in better security and more efficient operation of the equipment.
Veer Partap Singh 17(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Cisco’s PIX firewalls are a series of appliances that offer world-class security and high levels of performance and reliability. They are
a mature product, having been a part of enterprise and service provider networks since 1995. Cisco PIX firewalls fit into a wide range
of environments, from small office/home office (SOHO) environments to large enterprises and service providers. With support for
complex protocols, the latest VPN technologies, and intrusion detection features, the PIX is one of the leading firewalls in the market.
Topology
Veer Partap Singh 18(2040589)
Multicast server 192.168.100.2
Gateway: 192.168.100.1Inside
Multicast client192.168.50.2
Gateway: 192.168.50.1Outside
Multicast client192.168.1.2
Gateway: 192.168.1.1Outside
AP
SWITCH
PIX Firewall
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Veer Partap Singh 19(2040589)
GLOBAL LOCAL
192.168.1.0 192.168.100.2
Nameif Outside
NAT id 1
Global ip 192.168.1.10
Global ip 192.168.1.20
SNM 255.255.255.0
interface E1
nameif inside
Security 100
IP 192.168.1.1/24
Interface Inside DMZ Outside
IP 192.168.100.2 192.168.1.2
MAC 000255730ad7 000025573095
Nameif Inside
NAT id 1
Real IP 192.168.100.0
SNM 255.255.255.0Max conn 0
Emb limit 0
interface E2
nameif dmz
Security 50
IP 192.168.50.1/24
INTERFACE INSIDE DMZ OUTSIDE
IP 192.168.1.0 192.168.50.0 192.168.100.0
SNM 255.255.255.0 255.255.255.0 255.255.255.0
IP 192.168.1.1 192.168.50.1 192.168.100.1
Metric 1 1 1
connect connect connect
Type static static static
interface Cable NICIP 192.168.50.2Gateway 192.168.50.1
interface Cable NIC
IP 192.168.1.2
Gateway 192.168.1.1
interface Wireless
IP 192.168.100.2
Gateway 192.168.100.1
Name ACLIN ACLIN2
Permit/deny Permit permit
protocol TCP TCP
source Any Any
Destination 192.168.50.99 192.168.100.99
parameters Eq www Eq www
interface E2
nameif outside
Security 0
IP 192.168.100.1/24
Inside 192.168.100.2outside 192.168.1.99
inside 192.168.100.2dmz 192.168.50.99
State Diagram
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Appendix A
Configurations for Network 1: Adhoc Network
PC 1: IPTV Server Business TV
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:Connection-specific DNS Suffix . :Description . . . . . . . . . . . : Cisco Systems AIR-CB20A 802.11a Wireless LAN Adapter #3Physical Address. . . . . . . . . : 00-40-96-A6-7D-33
Dhcp Enabled. . . . . . . . . . . : NoIP Address. . . . . . . . . . . . : 192.168.1.1Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . :
Veer Partap Singh 20(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
PC 2 IPTV Client Business TV
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:
Connection-specific DNS Suffix . :Description . . . . . . . . . . . : Cisco Systems AIR-CB20A 802.11a Wireless LAN Adapter #3Physical Address. . . . . . . . . : 00-40-96-A6-7D-F0Dhcp Enabled. . . . . . . . . . . : NoIP Address. . . . . . . . . . . . : 192.168.1.2Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . :
Veer Partap Singh 21(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Appendix B
Configurations for Network 2: Infrastructure
Access Point Configuration
Building configuration...
Current configuration : 1886 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname AP2!logging queue-limit 100enable secret 5 $1$PUEC$PMe9aKILcC8YKvvdtAEZK1!username Cisco password 7 13261E010803ip subnet-zero!!!bridge irb!!interface Dot11Radio1 no ip address
Veer Partap Singh 22(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
no ip route-cache ! ssid Group-vlan10 vlan 10 authentication open ! ssid Group-vlan20 vlan 20 authentication open ! speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 rts threshold 2312 channel 5240 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled!interface Dot11Radio1.10 encapsulation dot1Q 10 no ip route-cache bridge-group 10 bridge-group 10 subscriber-loop-control bridge-group 10 block-unknown-source no bridge-group 10 source-learning no bridge-group 10 unicast-flooding bridge-group 10 spanning-disabled!interface Dot11Radio1.20
Veer Partap Singh 23(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
no ip route-cache!interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled!interface FastEthernet0.10 encapsulation dot1Q 10 no ip route-cache bridge-group 10 no bridge-group 10 source-learning bridge-group 10 spanning-disabled!interface FastEthernet0.20 encapsulation dot1Q 20 no ip route-cache bridge-group 20 no bridge-group 20 source-learning bridge-group 20 spanning-disabled!interface BVI1 no ip address no ip route-cache!ip http serverip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1100
Veer Partap Singh 24(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
ip radius source-interface BVI1bridge 1 route ip!!!line con 0line vty 0 4 login localline vty 5 15 login!end
Veer Partap Singh 25(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Appendix C
Configurations for Network 3 : Using Wireless Access Point and Switch
Access Point Configuration
ap#show dot11 associations
802.11 Client Stations on Dot11Radio1:
SSID [GroupVlan10] :
MAC Address IP address Device Name Parent State0040.96a6.7df0 192.168.1.3 CB21AG/PI21AG 134WK-1B self Assoc
SSID [GroupVlan20] :
MAC Address IP address Device Name Parent State0040.96a6.7d64 192.168.1.5 CB21AG/PI21AG 134WK-1B self Assoc
Others: (not related to any ssid)
ap#show vlans
Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)
Veer Partap Singh 26(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
vLAN Trunk Interfaces: Dot11Radio1FastEthernet0Virtual-Dot11Radio0
This is configured as native Vlan for the following interface(s) :Dot11Radio1FastEthernet0Virtual-Dot11Radio0
Protocols Configured: Address: Received: Transmitted: Bridging Bridge Group 1 2165 0 Bridging Bridge Group 1 2165 0 Bridging Bridge Group 1 2167 0
Virtual LAN ID: 10 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interfaces: Dot11Radio1.10FastEthernet0.10Virtual-Dot11Radio0.10
Protocols Configured: Address: Received: Transmitted: Bridging Bridge Group 10 784428 783145 Bridging Bridge Group 10 784428 783145 Bridging Bridge Group 10 784428 783145
Virtual LAN ID: 20 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interfaces: Dot11Radio1.20FastEthernet0.20Virtual-Dot11Radio0.20
Veer Partap Singh 27(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Protocols Configured: Address: Received: Transmitted: Bridging Bridge Group 20 501659 500547 Bridging Bridge Group 20 501660 500548 Bridging Bridge Group 20 501660 500548
ap#show interfacesBVI1 is up, line protocol is up Hardware is BVI, address is 0013.1a32.9735 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/0 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 3 packets output, 180 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped outDot11Radio1 is up, line protocol is up Hardware is 802.11A Radio, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 65/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never
Veer Partap Singh 28(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 12986 Queueing strategy: fifo Output queue: 0/30 (size/max) 5 minute input rate 3000 bits/sec, 3 packets/sec 5 minute output rate 13967000 bits/sec, 1464 packets/sec 3115 packets input, 340916 bytes, 2626 no buffer Received 1509 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 1289716 packets output, 1573638600 bytes, 0 underruns 0 output errors, 0 collisions, 14 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped outDot11Radio1.10 is up, line protocol is up Hardware is 802.11A Radio, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 66/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 10. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverDot11Radio1.20 is up, line protocol is up Hardware is 802.11A Radio, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 66/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 20. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverFastEthernet0 is up, line protocol is up Hardware is PowerPC405GP Ethernet, address is 0013.1a32.9735 (bia 0013.1a32.9735)
Veer Partap Singh 29(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 35/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set Full-duplex, 100Mb/s, MII ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:01, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 13932000 bits/sec, 1481 packets/sec 5 minute output rate 2000 bits/sec, 2 packets/sec 1310306 packets input, 1573946068 bytes Received 1310848 broadcasts, 0 runts, 0 giants, 9396 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 2132 packets output, 236262 bytes, 0 underruns 0 output errors, 0 collisions, 7 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped outFastEthernet0.10 is up, line protocol is up Hardware is PowerPC405GP Ethernet, address is 0013.1a32.9735 (bia 0013.1a32.9735) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 35/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 10. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverFastEthernet0.20 is up, line protocol is up Hardware is PowerPC405GP Ethernet, address is 0013.1a32.9735 (bia 0013.1a32.97
Veer Partap Singh 30(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
35) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 35/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 20. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverVirtual-Dot11Radio0 is down, line protocol is down Hardware is Virtual Dot11 interface, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters 00:55:28 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/30 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped outVirtual-Dot11Radio0.10 is down, line protocol is down Hardware is Virtual Dot11 interface, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0)
Veer Partap Singh 31(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 10. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverVirtual-Dot11Radio0.20 is down, line protocol is down Hardware is Virtual Dot11 interface, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 20. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverap#show bridge 10
Total of 300 station blocks, 298 freeCodes: P - permanent, S - self
Bridge Group 10:
Address Action Interface Age RX count TX count0040.96a6.7df0 forward Do1.10 P 415 109ap#show bridge 20
Total of 300 station blocks, 298 freeCodes: P - permanent, S - self
Bridge Group 20:
Address Action Interface Age RX count TX count0040.96a6.7d64 forward Do1.20 P 1287 160
Veer Partap Singh 32(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Switch Configuration
Switch>enableSwitch#vlan datSwitch(vlan)#vlan 10VLAN 10 added: Name: VLAN0010Switch(vlan)#vlan 20VLAN 20 added: Name: VLAN0020Switch(vlan)#exitAPPLY completed.Exiting....Switch#config tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#int fa0/1Switch(config-if)#switchport access 10 ^% Invalid input detected at '^' marker.
Switch(config-if)#switchport access vlan 10Switch(config-if)#exitSwitch(config)#int fa0/2Switch(config-if)#switchport access 20 ^% Invalid input detected at '^' marker.
Switch(config-if)#switchport access vlan 20Switch(config-if)#exitSwitch(config)#exitSwitch#
Veer Partap Singh 33(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
00:02:30: %SYS-5-CONFIG_I: Configured from console by consoleshow interface trunk
Switch#config tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#int fa0/3Switch(config-if)#switchport mode trunkSwitch(config-if)#exitSwitch(config)#00:03:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down00:03:05: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to upSwitch(config)#Switch(config)#exitSwitch#show00:03:10: %SYS-5-CONFIG_I: Configured from console by consolerunBuilding configuration...
Current configuration : 1471 bytes!version 12.1no service single-slot-reload-enableno service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!!ip subnet-zero
Veer Partap Singh 34(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
!spanning-tree extend system-id!!interface FastEthernet0/1 switchport access vlan 10 no ip address!interface FastEthernet0/2 switchport access vlan 20 no ip address!interface FastEthernet0/3 switchport mode trunk no ip address!interface FastEthernet0/4 no ip address!interface FastEthernet0/5 no ip address!interface FastEthernet0/6 no ip address!interface FastEthernet0/7 no ip address!interface FastEthernet0/8 no ip address!interface FastEthernet0/9
Veer Partap Singh 35(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
no ip address!interface FastEthernet0/10 no ip address!interface FastEthernet0/11 no ip address!interface FastEthernet0/12 no ip address!interface FastEthernet0/13 no ip address!interface FastEthernet0/14 no ip address!interface FastEthernet0/15 no ip address!interface FastEthernet0/16 no ip address!interface FastEthernet0/17 no ip address!interface FastEthernet0/18 no ip address!interface FastEthernet0/19 no ip address!
Veer Partap Singh 36(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
interface FastEthernet0/20 no ip address!interface FastEthernet0/21 no ip address!interface FastEthernet0/22 no ip address!interface FastEthernet0/23 no ip address!interface FastEthernet0/24 no ip address!interface Vlan1 no ip address no ip route-cache shutdown!ip http server!!line con 0line vty 5 15!end
Switch#show interface trunk
Port Mode Encapsulation Status Native vlanFa0/3 on 802.1q trunking 1
Veer Partap Singh 37(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Port Vlans allowed on trunkFa0/3 1-4094
Port Vlans allowed and active in management domainFa0/3 1,10,20
Port Vlans in spanning tree forwarding state and not prunedFa0/3 noneSwitch#show mac-address-table Mac Address Table------------------------------------------
Vlan Mac Address Type Ports---- ----------- ---- ----- 10 0002.557a.8125 DYNAMIC Fa0/1 10 0040.96a6.7df0 DYNAMIC Fa0/3 20 0002.5573.0840 DYNAMIC Fa0/2 20 0040.96a6.7d64 DYNAMIC Fa0/3 1 0011.20ee.d2c0 DYNAMIC Fa0/3 1 0013.1a32.9735 DYNAMIC Fa0/3Total Mac Addresses for this criterion: 6Switch#show vlan
VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24
Veer Partap Singh 38(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
10 VLAN0010 active Fa0/120 VLAN0020 active Fa0/21002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 01003 tr 101003 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1004 fdnet 101004 1500 - - - ieee - 0 01005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs------------------------------------------------------------------------------
Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------
Switch# show runBuilding configuration...
Current configuration : 1471 bytes!
Veer Partap Singh 39(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
version 12.1no service single-slot-reload-enableno service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!!ip subnet-zero!spanning-tree extend system-id!!interface FastEthernet0/1 switchport access vlan 10 no ip address!interface FastEthernet0/2 switchport access vlan 20 no ip address!interface FastEthernet0/3 switchport mode trunk no ip address!interface FastEthernet0/4 no ip address!interface FastEthernet0/5 no ip address
Veer Partap Singh 40(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
!interface FastEthernet0/6 no ip address!interface FastEthernet0/7 no ip address!interface FastEthernet0/8 no ip address!interface FastEthernet0/9 no ip address!interface FastEthernet0/10 no ip address!interface FastEthernet0/11 no ip address!interface FastEthernet0/12 no ip address!interface FastEthernet0/13 no ip address!interface FastEthernet0/14 no ip address!interface FastEthernet0/15 no ip address!interface FastEthernet0/16
Veer Partap Singh 41(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
no ip address!interface FastEthernet0/17 no ip address!interface FastEthernet0/18 no ip address!interface FastEthernet0/19 no ip address!interface FastEthernet0/20 no ip address!interface FastEthernet0/21 no ip address!interface FastEthernet0/22 no ip address!interface FastEthernet0/23 no ip address!interface FastEthernet0/24 no ip address!interface Vlan1 no ip address no ip route-cache shutdown!ip http server
Veer Partap Singh 42(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
!!line con 0line vty 5 15!end
Switch#
Veer Partap Singh 43(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
Appendix D
Network 4 Access Point Configuration
ap#show runBuilding configuration...Current configuration : 2097 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname ap!logging queue-limit 100enable secret 5 $1$rmJw$V105v9aYkS7SBoewsCaUs/!username Cisco password 7 106D000A0618ip subnet-zero!!!bridge irb!!interface Dot11Radio1 no ip address no ip route-cache !
Veer Partap Singh 44(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
ssid group1 authentication open ! speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 rts threshold 2312channel 5260 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled!interface FastEthernet0 ip address 192.168.10.3 255.255.255.0 no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled!interface BVI1 ip address 192.168.10.1 255.255.255.0 no ip route-cache!ip http serverip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1100ip radius source-interface BVI1bridge 1 route ip
Veer Partap Singh 45(2040589)
Assignments 1 & 2 Network Technology 1 Unit CSG5135
!!!line con 0line vty 0 4 login localline vty 5 15 login!end
PIX Firewall configuration
PIX Version 6.3(4)interface ethernet0 100fullinterface ethernet1 100fullinterface ethernet2 100fullnameif ethernet0 outside security0nameif ethernet1 inside security100nameif ethernet2 dmz security50access-list 100 permit udp any anypager lines 24ip address outside 192.168.1.1 255.255.255.0ip address inside 192.168.100.1 255.255.255.0ip address dmz 192.168.50.1 255.255.255.0multicast interface outsidemulticast interface dmzstatic (dmz,outside) 192.168.1.99 192.168.50.2 netmask 255.255.255.255 0 0access-group 100 in interface outside
Veer Partap Singh 46(2040589)