SIMULATION -
Instructions -
To configure the switch click on the console host icon.
You can click on the buttons below to view the different windows.
Each of the windows can be minimized by clicking on the [-]. You can also reposition a window by dragging it by the title bar.
Most commands that use the "Control" or "Escape" keys are not supported and are not necessary to complete this simulation. The help command does not display all commands of the help system.
Scenario -
ABC.com is an IT company that has an existing enterprise network comprised of two layer 2 only switches; DSW1 and ASW1. The topology diagram indicates their layer 2 mapping. VLAN 20 is a new VLAN that will be used to provide the shipping personnel access to the server. Corporate polices do not allow layer 3 functionality to be enabled on the switches. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:
✑ Users connecting to VLAN 20 via port f0/1 on ASW1 must be authenticated before they are given access to the network. Authentication is to be done via a
Radius server:
- Radius server host 172.120.40.46
- Radius key: rad123
- Authentication should be implemented as close to the host as possible.
✑ Devices on VLAN 20 are restricted to the subnet of 172.120.40.0/24.
- Packets from devices in the subnet of 172.120.40.0/24 should be allowed on VLAN 20.
- Packets from devices in any other address range should be dropped on VLAN20.
- Filtering should be implemented as close to the server farm as possible.
The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers. You must use the available IOS switch features.
: Named access list is not supported.
Note -
ReikiDude
5 years, 5 months agodiegonamaste
5 years, 11 months agoDimS
5 years, 10 months agoDimS
5 years, 10 months ago