assignment 1 & 2 of nt1

Assignments 1 & 2 Network Technology 1 Unit CSG5135

Table of Contents

Introduction to wireless LAN topologies 2

Network 1: Ad hoc 4

Pictorial view 4

Topology map 5

Screen shots 5

State Diagram 9

Network 2: Infrastructure 10

Topology map 10

State Diagram 12

Network 3: using access point and switch 13

Topology map 14

State diagram 15

Comments 17

Network 4: PIX Firewall 17

Topology 18

State Diagram 19

Appendix A: Configurations for network 1 20

Appendix B: Configurations for network 2 22

Appendix C: Configurations for network 3 26

Appendix D: Configurations for network 4 44

Veer Partap Singh 1(2040589)


Introduction to wireless LAN topologies

In wireless LAN we have the option of deploying three types of WLAN topologies:

Independent basic service sets (IBSSs)

Basic service sets (BSSs)

Extended service sets (ESSs)

A service set is a logical grouping of devices. WLANs provide network access by broadcasting a signal across a wireless radio

frequency (RF) carrier. A receiving station can be within range of a number of transmitters. The transmitter prefaces its transmissions

with a service set identifier (SSID). The receiver uses the SSID to filter through the received signals and locate the one it wants to

listen to.

IBSS

An IBSS consists of a group of 802.11 stations communicating directly with one another. An

IBSS is also referred to as an ad-hoc network because it is essentially a simple peer-to-peer

WLAN.

BSS

A BSS is a group of 802.11 stations communicating with one another. A BSS requires a specialized station known as an access point

(AP). The AP is the central point of communications for all stations in a BSS. The client stations do not communicate directly

other client stations. Rather, they communicate with the AP, and the AP forwards the frames to the destination stations. The AP might

be equipped with an uplink port that connects the BSS to a wired network (for example, an Ethernet uplink). Because of this

requirement, a BSS is also referred to as an infrastructure BSS.



ESS

Multiple infrastructure BSSs can be connected via their uplink interfaces. In the world of 802.11, the uplink interface connects the

BSS to the distribution system (DS). The collection of BSSs interconnected via the DS is known as the ESS.



Network 1: Ad hoc

An ad hoc or independent basic service set (IBSS) network is created when individual client devices form a self-contained network

without the use of an access point. There is no standards-based limit as to the number of devices that can be in an IBSS. But because

every device is a client, often, certain members of the IBSS cannot talk to each other because of the hidden node issue. In spite of this,

there is no mechanism for a relay function in an IBSS. Because no access point is in an IBSS, timing is controlled in a distributed

manner. An Ad hoc WLAN can be shown as follows:

Pictorial view

(Khan, 2004)



Topology Map:

Screen Shots

Network Name: As with any network there should be a unique identifier. Service set Identifier (SSID) is used by client to identify

the network. In this experiment I have given SSID group1 on 4 wireless adapters. As shown in the following screen shot.


PC 1

PC 3

PC 2PC 4


Following networks are used for four adapters:

192.168.1.1

192.168.1.2



192.168.1.3

192.168.1.4 And the SNM is same for everyone 255.255.255.0

IPTV server is installed on one of the machine and rests of 3 adapters are installed with IPTV Client. From the server, allow the

different program for multicasting out of 6 one-by-one. It is observed that 3 programs are running successfully at different data

rate like 500 kbps, 1.6 Mbps, 1.4 Mbps.



Above screen shots are showing the fact that 3 programs are running successfully.

Comments for Network 1

For Adhoc networks to work in wireless network, SSID should be same. Here in this case SSID is Group 1. Multicasting was

happening without any problem up to three programs. Both of these programs were tried on all the bandwidths available.



State Diagram :Adhoc network


Interface IP address

Wireless NIC 1 192.168.1.1/24

Group Video IP 239.255.12.189

Video MAC 01.00.5E.7f.0C.BD

Group Audio IP 239.255.233.213

Audio MAC 01.00.5E.7f.E9.D5


Wireless NIC 2 192.168.1.2/24




Interface Wireless NIC

SSID Group1

Network Ad hoc

Encryption None

MAC 00-40-96-A6-7D-F0


SSID Group1


SSID Group1

Network Ad hoc

Authentication None

Encryption None

AP authentication Open

MAC 00-40-96-A6-7D-33

NIC 802.11aPower level 20mWChannel Frequency

36 (5180MHz)

Data rate AutoPower save mode

Constantly Awake Mode (CAM)


36 (5180MHz)

PC2 IP/TV Client – Business TVPC 1 IP/TV Server – Business TV

Layer 3:NetworkLayer

Layer 2:Data LinkLayer

Layer 1:PhysicalLayer





Network 2: Using Wireless Access Point

This type of network is called Basic Service Set (BSS). A Basic Service Set is a group of wireless stations communicating with one

another. A BSS requires a specialized station known as an access point (AP). The AP is the central point of communications for all

stations in a BSS. The client stations do not communicate directly other client stations. Rather, they communicate with the AP, and the

AP forwards the frames to the destination stations. The AP might be equipped with an uplink port that connects the BSS to a wired

network (for example, an Ethernet uplink). Because of this requirement, a BSS is also referred to as an infrastructure BSS.

Topology Map


PC 1 PC 2 PC 3


Access Point

AP operates within a specific frequency spectrum and uses an 802.11 standard modulation technique. It also informs the wireless

clients of its availability and authenticates and associates wireless clients to the wireless network. An AP also coordinates the wireless

clients' use of wired resources. It should be noted that there are several kinds of APs, including single radio and multiple radios, based

on different 802.11 technologies. In simple words, Access Point is the central communication point for wireless network users. It can

link wired and wireless networks together. It can also be connected together to let wireless users roam between APs without

interruption. AP can provide enterprise level security, monitoring, and manageability.

State diagram of Network 2





Wireless NIC 2 192.168.1.2/24



Group Audio IP 239.255.233.213Interface IP address

Wireless NIC 1 192.168.1.1/24




Audio MAC 01.00.5E.7f.E9.D5


SSID Group1

Network Infrastructure

Encryption None

MAC 00-40-96-A6-7D-F0


SSID Group1Interface Wireless NIC

SSID Group1

Network Infrastructure

Authentication None

Encryption None

AP authentication Open

MAC 00-40-96-A6-7D-33


36 (5180MHz)


36 (5180MHz)

Data rate AutoPower save mode

Constantly Awake Mode (CAM)

MAC IP Device Name Parent State

004096A67D33 192.168.1.1

Self Assoc

0040.96a6.7df0 192.168.1.2

Self Assoc

Interface dot11radio1

SSID Group1

Authentication Open

PC 1 IP/TV Server – Business TV





Layer 1:Physical

Access Point (AP)


Network 3

This is infrastructure network and it uses wireless access point and one switch. Here two multicast servers are attached to a

switch and this switch is connected to a wireless access point. This is further attached with two clients. Two VLANs are used.



Topology for Network 3:


Multicast serverVLAN 1

IP 192.168.1.4

Multicast clientVLAN 2

IP 192.168.1.3

Multicast clientVLAN 1

IP 192.168.1.5

Multicast serverVLAN 2

IP 192.168.1.2

AP

SWITCH

VLAN 10 VLAN 20



Interface Ethernet 0IP 192.168.1.5SSID Group1Network InfrastructureAuthentication OpenMAC 0040.96a6.7d64

Interface Wireless NICIP 192.168.1.3SSID Group 1Network InfrastructureAuthentication OpenMAC 0040.96a6.7df0

MAC IP Device Name Parent State

0040.96a6.7df0 192.168.1.3

CB21AG/PI2IAG 134WK-1B

Self Assoc

0040.96a6.7d64 192.168.1.5

CB21AG/PI2IAG 134WK-1B

Self Assoc

Interface dot11radio1SSIDNetwork InfrastructureAuthentication OpenBridge group 1MAC 0011.20ee.d2c0

Interface dot11radio1.10SSID Groupvlan10Network InfrastructureAuthentication OpenEncapsulation 802.1qMAC 0011.20ee.d2c0Bridge group 10

VLAN 10

Interface dot11radio1.20SSID Groupvlan20Network InfrastructureAuthentication OpenEncapsulation 802.1qMAC 0011.20ee.d2c0Bridge group 20

VLAN 20Interface Ethernet 0IP MAC 0013.1a32.9735

Interface Ethernet 0.10 MAC 0013.1a32.9735Encapsulation 802.1.qVLAN 10Bridge group 10

Interface Ethernet 0.20 MAC 0013.1a32.9735Encapsulation 802.1.qVLAN 20Bridge group 20

Access Point

Switch CAT 1

Access Point


VLAN MAC address Type Interface10 0002.557a.8125 DYNAMIC Fa0/110 0040.96a6.7df0 DYNAMIC Fa0/320 0002.5573.0840 DYNAMIC Fa0/220 0040.96a6.7d64 DYNAMIC Fa0/31 0011.20ee.d2c0 DYNAMIC Fa0/31 0013.1a32.9735 DYNAMIC Fa0/3


Interface Ethernet 0.10

Encapsulation 802.1q

Status Trunking

Native VLAN 1

Allow VLAN 1-4894



Status Non Trunk

Native VLAN 1

Allow VLAN 10



Status Non Trunk

Native VLAN 1

Allow VLAN 20

Interface Cable NICIP 192.168.1.4

PC 1

PC 4

PC 3

PC 2

PC 5


Comment

The multicast server can transmit all of the 6 multicast streams at one time, but the client can only display 3 multicast programmes

without any interruption with minimum use of CPU. Multicast stream is only received by client belonging to particular vlan

Network 4 Wireless Access Point and PIX firewall

As one of the first technologies employed to protect networks from unauthorized access, the firewall has come to exemplify network

security.While an overall security strategy requires the harmonious integration of people, process, and technology to reduce risk, there

is no doubt that firewalls can be a very valuable security tool when properly implemented. Today, the use of firewalls has become

such an accepted practice that their deployment in one fashion or another is virtually a foregone conclusion when designing and

building networks. Recognizing this need, Cisco Systems has developed and continues to improve upon its line of PIX firewalls.

These systems have steadily gained market leadership by demonstrating an excellent mix of functionality, performance, and

flexibility. Firewalls have become increasingly sophisticated devices as the technology has matured. At its most basic level, a firewall

is intended to enforce a security policy governing the network traffic that passes through it. To this basic functionality, Cisco has

added many features such as network address translation (NAT), virtual private networks (VPN), and redundant architectures for high

availability. Management systems are typically installed along with the firewall to assist with monitoring and administrating the

device. A maxim of IT security is that technology is only as effective as the people responsible for its operation. Therefore, it is

extremely important for the technical staff managing PIX firewalls to understand the technical functionality of these devices, as this

will result in better security and more efficient operation of the equipment.



Cisco’s PIX firewalls are a series of appliances that offer world-class security and high levels of performance and reliability. They are

a mature product, having been a part of enterprise and service provider networks since 1995. Cisco PIX firewalls fit into a wide range

of environments, from small office/home office (SOHO) environments to large enterprises and service providers. With support for

complex protocols, the latest VPN technologies, and intrusion detection features, the PIX is one of the leading firewalls in the market.

Topology


Multicast server 192.168.100.2

Gateway: 192.168.100.1Inside

Multicast client192.168.50.2

Gateway: 192.168.50.1Outside

Multicast client192.168.1.2

Gateway: 192.168.1.1Outside

AP

SWITCH

PIX Firewall



GLOBAL LOCAL

192.168.1.0 192.168.100.2

Nameif Outside

NAT id 1

Global ip 192.168.1.10

Global ip 192.168.1.20

SNM 255.255.255.0

interface E1

nameif inside

Security 100

IP 192.168.1.1/24

Interface Inside DMZ Outside

IP 192.168.100.2 192.168.1.2

MAC 000255730ad7 000025573095

Nameif Inside

NAT id 1

Real IP 192.168.100.0

SNM 255.255.255.0Max conn 0

Emb limit 0

interface E2

nameif dmz

Security 50

IP 192.168.50.1/24

INTERFACE INSIDE DMZ OUTSIDE

IP 192.168.1.0 192.168.50.0 192.168.100.0

SNM 255.255.255.0 255.255.255.0 255.255.255.0

IP 192.168.1.1 192.168.50.1 192.168.100.1

Metric 1 1 1

connect connect connect

Type static static static

interface Cable NICIP 192.168.50.2Gateway 192.168.50.1

interface Cable NIC

IP 192.168.1.2

Gateway 192.168.1.1

interface Wireless

IP 192.168.100.2

Gateway 192.168.100.1

Name ACLIN ACLIN2

Permit/deny Permit permit

protocol TCP TCP

source Any Any

Destination 192.168.50.99 192.168.100.99

parameters Eq www Eq www

interface E2

nameif outside

Security 0

IP 192.168.100.1/24

Inside 192.168.100.2outside 192.168.1.99

inside 192.168.100.2dmz 192.168.50.99

State Diagram


Appendix A

Configurations for Network 1: Adhoc Network

PC 1: IPTV Server Business TV

C:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:Connection-specific DNS Suffix . :Description . . . . . . . . . . . : Cisco Systems AIR-CB20A 802.11a Wireless LAN Adapter #3Physical Address. . . . . . . . . : 00-40-96-A6-7D-33

Dhcp Enabled. . . . . . . . . . . : NoIP Address. . . . . . . . . . . . : 192.168.1.1Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . :



PC 2 IPTV Client Business TV

C:\>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :Description . . . . . . . . . . . : Cisco Systems AIR-CB20A 802.11a Wireless LAN Adapter #3Physical Address. . . . . . . . . : 00-40-96-A6-7D-F0Dhcp Enabled. . . . . . . . . . . : NoIP Address. . . . . . . . . . . . : 192.168.1.2Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . :



Appendix B

Configurations for Network 2: Infrastructure

Access Point Configuration

Building configuration...

Current configuration : 1886 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname AP2!logging queue-limit 100enable secret 5 $1$PUEC$PMe9aKILcC8YKvvdtAEZK1!username Cisco password 7 13261E010803ip subnet-zero!!!bridge irb!!interface Dot11Radio1 no ip address



no ip route-cache ! ssid Group-vlan10 vlan 10 authentication open ! ssid Group-vlan20 vlan 20 authentication open ! speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 rts threshold 2312 channel 5240 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled!interface Dot11Radio1.10 encapsulation dot1Q 10 no ip route-cache bridge-group 10 bridge-group 10 subscriber-loop-control bridge-group 10 block-unknown-source no bridge-group 10 source-learning no bridge-group 10 unicast-flooding bridge-group 10 spanning-disabled!interface Dot11Radio1.20



no ip route-cache!interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled!interface FastEthernet0.10 encapsulation dot1Q 10 no ip route-cache bridge-group 10 no bridge-group 10 source-learning bridge-group 10 spanning-disabled!interface FastEthernet0.20 encapsulation dot1Q 20 no ip route-cache bridge-group 20 no bridge-group 20 source-learning bridge-group 20 spanning-disabled!interface BVI1 no ip address no ip route-cache!ip http serverip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1100



ip radius source-interface BVI1bridge 1 route ip!!!line con 0line vty 0 4 login localline vty 5 15 login!end



Appendix C

Configurations for Network 3 : Using Wireless Access Point and Switch

Access Point Configuration

ap#show dot11 associations

802.11 Client Stations on Dot11Radio1:

SSID [GroupVlan10] :

MAC Address IP address Device Name Parent State0040.96a6.7df0 192.168.1.3 CB21AG/PI21AG 134WK-1B self Assoc

SSID [GroupVlan20] :

MAC Address IP address Device Name Parent State0040.96a6.7d64 192.168.1.5 CB21AG/PI21AG 134WK-1B self Assoc

Others: (not related to any ssid)

ap#show vlans

Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)



vLAN Trunk Interfaces: Dot11Radio1FastEthernet0Virtual-Dot11Radio0

This is configured as native Vlan for the following interface(s) :Dot11Radio1FastEthernet0Virtual-Dot11Radio0

Protocols Configured: Address: Received: Transmitted: Bridging Bridge Group 1 2165 0 Bridging Bridge Group 1 2165 0 Bridging Bridge Group 1 2167 0


vLAN Trunk Interfaces: Dot11Radio1.10FastEthernet0.10Virtual-Dot11Radio0.10



vLAN Trunk Interfaces: Dot11Radio1.20FastEthernet0.20Virtual-Dot11Radio0.20




ap#show interfacesBVI1 is up, line protocol is up Hardware is BVI, address is 0013.1a32.9735 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 5000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/0 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 3 packets output, 180 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped outDot11Radio1 is up, line protocol is up Hardware is 802.11A Radio, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 65/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:00, output hang never



Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 12986 Queueing strategy: fifo Output queue: 0/30 (size/max) 5 minute input rate 3000 bits/sec, 3 packets/sec 5 minute output rate 13967000 bits/sec, 1464 packets/sec 3115 packets input, 340916 bytes, 2626 no buffer Received 1509 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 1289716 packets output, 1573638600 bytes, 0 underruns 0 output errors, 0 collisions, 14 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped outDot11Radio1.10 is up, line protocol is up Hardware is 802.11A Radio, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 66/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 10. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverDot11Radio1.20 is up, line protocol is up Hardware is 802.11A Radio, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 66/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 20. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverFastEthernet0 is up, line protocol is up Hardware is PowerPC405GP Ethernet, address is 0013.1a32.9735 (bia 0013.1a32.9735)



MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 35/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set Full-duplex, 100Mb/s, MII ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:01, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 13932000 bits/sec, 1481 packets/sec 5 minute output rate 2000 bits/sec, 2 packets/sec 1310306 packets input, 1573946068 bytes Received 1310848 broadcasts, 0 runts, 0 giants, 9396 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 2132 packets output, 236262 bytes, 0 underruns 0 output errors, 0 collisions, 7 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped outFastEthernet0.10 is up, line protocol is up Hardware is PowerPC405GP Ethernet, address is 0013.1a32.9735 (bia 0013.1a32.9735) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 35/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 10. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverFastEthernet0.20 is up, line protocol is up Hardware is PowerPC405GP Ethernet, address is 0013.1a32.9735 (bia 0013.1a32.97



35) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 35/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 20. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverVirtual-Dot11Radio0 is down, line protocol is down Hardware is Virtual Dot11 interface, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output never, output hang never Last clearing of "show interface" counters 00:55:28 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/30 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 input packets with dribble condition detected 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped outVirtual-Dot11Radio0.10 is down, line protocol is down Hardware is Virtual Dot11 interface, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0)



MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 10. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverVirtual-Dot11Radio0.20 is down, line protocol is down Hardware is Virtual Dot11 interface, address is 0011.20ee.d2c0 (bia 0011.20ee.d2c0) MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 20. ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters neverap#show bridge 10

Total of 300 station blocks, 298 freeCodes: P - permanent, S - self

Bridge Group 10:

Address Action Interface Age RX count TX count0040.96a6.7df0 forward Do1.10 P 415 109ap#show bridge 20

Total of 300 station blocks, 298 freeCodes: P - permanent, S - self

Bridge Group 20:

Address Action Interface Age RX count TX count0040.96a6.7d64 forward Do1.20 P 1287 160



Switch Configuration

Switch>enableSwitch#vlan datSwitch(vlan)#vlan 10VLAN 10 added: Name: VLAN0010Switch(vlan)#vlan 20VLAN 20 added: Name: VLAN0020Switch(vlan)#exitAPPLY completed.Exiting....Switch#config tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#int fa0/1Switch(config-if)#switchport access 10 ^% Invalid input detected at '^' marker.

Switch(config-if)#switchport access vlan 10Switch(config-if)#exitSwitch(config)#int fa0/2Switch(config-if)#switchport access 20 ^% Invalid input detected at '^' marker.

Switch(config-if)#switchport access vlan 20Switch(config-if)#exitSwitch(config)#exitSwitch#



00:02:30: %SYS-5-CONFIG_I: Configured from console by consoleshow interface trunk

Switch#config tEnter configuration commands, one per line. End with CNTL/Z.Switch(config)#int fa0/3Switch(config-if)#switchport mode trunkSwitch(config-if)#exitSwitch(config)#00:03:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to down00:03:05: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to upSwitch(config)#Switch(config)#exitSwitch#show00:03:10: %SYS-5-CONFIG_I: Configured from console by consolerunBuilding configuration...

Current configuration : 1471 bytes!version 12.1no service single-slot-reload-enableno service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!!ip subnet-zero



!spanning-tree extend system-id!!interface FastEthernet0/1 switchport access vlan 10 no ip address!interface FastEthernet0/2 switchport access vlan 20 no ip address!interface FastEthernet0/3 switchport mode trunk no ip address!interface FastEthernet0/4 no ip address!interface FastEthernet0/5 no ip address!interface FastEthernet0/6 no ip address!interface FastEthernet0/7 no ip address!interface FastEthernet0/8 no ip address!interface FastEthernet0/9



no ip address!interface FastEthernet0/10 no ip address!interface FastEthernet0/11 no ip address!interface FastEthernet0/12 no ip address!interface FastEthernet0/13 no ip address!interface FastEthernet0/14 no ip address!interface FastEthernet0/15 no ip address!interface FastEthernet0/16 no ip address!interface FastEthernet0/17 no ip address!interface FastEthernet0/18 no ip address!interface FastEthernet0/19 no ip address!



interface FastEthernet0/20 no ip address!interface FastEthernet0/21 no ip address!interface FastEthernet0/22 no ip address!interface FastEthernet0/23 no ip address!interface FastEthernet0/24 no ip address!interface Vlan1 no ip address no ip route-cache shutdown!ip http server!!line con 0line vty 5 15!end

Switch#show interface trunk

Port Mode Encapsulation Status Native vlanFa0/3 on 802.1q trunking 1



Port Vlans allowed on trunkFa0/3 1-4094

Port Vlans allowed and active in management domainFa0/3 1,10,20

Port Vlans in spanning tree forwarding state and not prunedFa0/3 noneSwitch#show mac-address-table Mac Address Table------------------------------------------

Vlan Mac Address Type Ports---- ----------- ---- ----- 10 0002.557a.8125 DYNAMIC Fa0/1 10 0040.96a6.7df0 DYNAMIC Fa0/3 20 0002.5573.0840 DYNAMIC Fa0/2 20 0040.96a6.7d64 DYNAMIC Fa0/3 1 0011.20ee.d2c0 DYNAMIC Fa0/3 1 0013.1a32.9735 DYNAMIC Fa0/3Total Mac Addresses for this criterion: 6Switch#show vlan

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24



10 VLAN0010 active Fa0/120 VLAN0020 active Fa0/21002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1 enet 100001 1500 - - - - - 0 010 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 0 01003 tr 101003 1500 - - - - - 0 0

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------1004 fdnet 101004 1500 - - - ieee - 0 01005 trnet 101005 1500 - - - ibm - 0 0

Remote SPAN VLANs------------------------------------------------------------------------------

Primary Secondary Type Ports------- --------- ----------------- ------------------------------------------

Switch# show runBuilding configuration...

Current configuration : 1471 bytes!



version 12.1no service single-slot-reload-enableno service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname Switch!!ip subnet-zero!spanning-tree extend system-id!!interface FastEthernet0/1 switchport access vlan 10 no ip address!interface FastEthernet0/2 switchport access vlan 20 no ip address!interface FastEthernet0/3 switchport mode trunk no ip address!interface FastEthernet0/4 no ip address!interface FastEthernet0/5 no ip address



!interface FastEthernet0/6 no ip address!interface FastEthernet0/7 no ip address!interface FastEthernet0/8 no ip address!interface FastEthernet0/9 no ip address!interface FastEthernet0/10 no ip address!interface FastEthernet0/11 no ip address!interface FastEthernet0/12 no ip address!interface FastEthernet0/13 no ip address!interface FastEthernet0/14 no ip address!interface FastEthernet0/15 no ip address!interface FastEthernet0/16



no ip address!interface FastEthernet0/17 no ip address!interface FastEthernet0/18 no ip address!interface FastEthernet0/19 no ip address!interface FastEthernet0/20 no ip address!interface FastEthernet0/21 no ip address!interface FastEthernet0/22 no ip address!interface FastEthernet0/23 no ip address!interface FastEthernet0/24 no ip address!interface Vlan1 no ip address no ip route-cache shutdown!ip http server



!!line con 0line vty 5 15!end

Switch#



Appendix D

Network 4 Access Point Configuration

ap#show runBuilding configuration...Current configuration : 2097 bytes!version 12.2no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname ap!logging queue-limit 100enable secret 5 $1$rmJw$V105v9aYkS7SBoewsCaUs/!username Cisco password 7 106D000A0618ip subnet-zero!!!bridge irb!!interface Dot11Radio1 no ip address no ip route-cache !



ssid group1 authentication open ! speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 rts threshold 2312channel 5260 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled!interface FastEthernet0 ip address 192.168.10.3 255.255.255.0 no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled!interface BVI1 ip address 192.168.10.1 255.255.255.0 no ip route-cache!ip http serverip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/122-15.JA/1100ip radius source-interface BVI1bridge 1 route ip



!!!line con 0line vty 0 4 login localline vty 5 15 login!end

PIX Firewall configuration

PIX Version 6.3(4)interface ethernet0 100fullinterface ethernet1 100fullinterface ethernet2 100fullnameif ethernet0 outside security0nameif ethernet1 inside security100nameif ethernet2 dmz security50access-list 100 permit udp any anypager lines 24ip address outside 192.168.1.1 255.255.255.0ip address inside 192.168.100.1 255.255.255.0ip address dmz 192.168.50.1 255.255.255.0multicast interface outsidemulticast interface dmzstatic (dmz,outside) 192.168.1.99 192.168.50.2 netmask 255.255.255.255 0 0access-group 100 in interface outside


assignment 1 & 2 of nt1

Documents

veer partap

specific dns

primary dns

wins proxy

tree extend

chang ed state

enter configuration

total output