Network Professionals

Amandeep Singh
Student id 056252627
Table of Contents
Step 1. Planning IP Addressing...................................................................................3
Step 2. Choosing Cisco Network Devices...................................................................4
Step 3. Accommodating Additional IP Address Requirements...............................6
Step 4. Creating Access Lists.......................................................................................6
Step 5. Installing and Configuring a Router..............................................................8
Step 6. Installing and Configuring DNS and Active Directory................................9
Step 7. Implementing DHCP Services......................................................................10
Step 8. Performing Active Directory Administration.............................................11
Step 9. Adding a Second Domain Controller and Transferring FSMO Roles.....13
Step 10. Configuring a VPN Server..........................................................................16

Step 1. Planning IP Addressing

It was possible to obtain a single dedicated Class C IP address. The internal

network ip has previously been determined to be 192.168.x.0 (ask your educator
for a figure for x), and all nodes must have valid hosting IP addresses inside this
access protocol. Your job is to properly organise IP subnet mask for the network
so that all of the systems and associated devices can work together. Suppose the
network isn't RFC-compliant, which means all 0 and 1 subnet addresses aren't
allowed. How you design your networks is influenced by the amount of
computers you anticipate to support. Your company may require a tiny network
of a few dozen stand-alone devices on a particular level of a single structure.
Alternatively, you may be required to set up a connection with over 1,000
systems spread across multiple buildings. This design may necessitate
subdividing your system into smaller sections known as subnets. These 32-bit
addresses were developed for TCP/IP and are the initial IP addressing standard.
IP systems were originally divided into three categories: A, B, and C. This class
identification, plus 8 or even more bits to identify a host, is reflected in the
networking identifier that is allocated to a networks. A netmask for the
networking number is required for class-based IPv4 addresses. Furthermore,
these domains were frequently separated into subnetworks to make more
domains accessible for devices on the local area network.

Segment Subnet Address Subnet Mask Available host

addresses
A 92.168.116.0/27 255.255.255.0 192.168.116.1
B 192.168.116.0/27 255.255.255.0 192.168.116.63
C 192.168.116.32/27 255.255.255.0 192.168.116.95
D 192.168.116.64/27 255.255.255.0 192.168.116.127
E 192.168.116.96/27 255.255.255.0 192.168.116.159
F 192.168.116.128/27 255.255.255.0 192.168.116.191
G 192.168.116.160/27 255.255.255.0 192.168.116.223
H 192.168.116.192/27 255.255.255.0 192.168.116.255
I 192.168.116.224/27 255.255.255.0 192.168.116.30

The Internet Engineering Task Force (IETF) has created Classless Inter-Domain
Routing (CIDR) numbers as a short- to moderate solution to the IPv4 address
issue. Furthermore, the CIDR form was created to address the worldwide
Internet route tables' capacity shortage. An IPv4 address written in CIDR
notation is 32 bits long and uses the same separated by dots format as an IPv6
address. The networking component of the Internet protocol is defined by CIDR
by adding a prefix identifier after the upper righthand byte.

Step 2. Choosing Cisco Network Devices

Make a note of the make and model on your gleaming new switch. Inspect the
device hardware and related cords for any breakage if you're using a spare. If
everything seems good, turn on the switches and make sure all of the indication
lights are functional. Next, connect your computer towards the switch through a
rollover cable. To do so, you'll need to get Putty and install it (or a similar, fun-
named software tool). Choose the 9600 baud serial communication in Putty.
You're currently connected to the network and ready to examine the results of
the instructions below. A system should have at least one form network adapter
to reach a global audience. Each networking interface is required to have its own
IP address. You must provide the Internet address for the very first connection
found by the Solaris setup application even during installation process.
Typically, that interface is referred to as handset, such as eri0 or hme0. This
connection is the most important network interface. When you create a second
network adapter to a host, each interface requires its own Internet address. The
server becomes multihomed once you connect the additional network adapter.
When you give a host a second tcp connection and activate IP filtering, that host
transforms into a router. For more information, see Installing an IPv4 Router.

It depicts a high - performance data networking and router (rather than a stack
of many units). All equipment on segmentation A, B, G, H, I, and J require high-
speed Internet (100BaseT) connectivity, while all equipment on section L are
10BaseT, and other such sections include a mix of 10BaseT and 100BaseT
devices. As indicated, Modem 4 must be able to access the internet through
ISDN. An ISDN connection must be built-in to the Cisco model introduced for
this routers, not just available as a contribute card. If both meet the
requirements, the cheapest number version must be utilised (e.g., a 2500 range
routers must be chosen over a 3600 number routers if both fulfil the criteria; the
2501 model should be chosen over the 2502 version if one or both fulfil the
criteria).

Network Devices Hardware Model

Hub 1 TCP/IP model
Hub 2 TCP/IP model
Hub 3 TCP/IP model
Hub 4 TCP/IP model
Hub 5 TCP/IP model
Hub 6 TCP/IP model
Hub 7 TCP/IP model
Router 1 Windows Server 2008
Router 2 Windows Server 2007

Step 3. Accommodating Additional IP Address Requirements

A computer should have at minimum one networking connection in order to

connect, as detailed in "Access Points." Each networking interface is required to
have its own Internet address. The network connection, often known as the
principal network connection, is given the IP address which you provide to a
host. When you create a second network adapter to a machine, it needs to have
its own IP address. The addition of a second network connection transforms a
computer from a hosting to a router. A host becomes a multicast host when a
second network connection is added and routing is disabled.In the /devices
folder, each access point has a device model, device driver, and related device
file. The network connection could be named le0 or smc0, which are device
identifiers for two typical Ethernet interfaces. It has been notified that sections A
and B may grow larger beyond the values cultural basis once you have designed
your Networking devices and chosen the network gear. Rather than 12 PCs, they
will have to handle 25 PCs apiece. Provide the easiest solution to this problem by
identifying which interfaces in which routers will need setup. Indicate which IP
addresses will be used to handle all of the guests on segments A and B.

Step 4. Creating Access Lists

ACLs (Access Control Lists) are a set of permit and prohibit criteria (called
rules) that would provide security by preventing unauthorised users from
accessing specified services while enabling authorised users to do so. ACLs can
also be used to govern traffic flow, limit the substance of routing changes, and
determine which kinds of information are transmitted and which are banned.
ACLs are typically found in a firewall routers or a router that connects two
internal systems.Layer 2, Layer 3, and Layer 4 ACLs can be used to manage
traffic. Layer 2 is where MAC ACLs operate. Layers 3 and 4 are where IP ACLs
function. Flow-based Emulation and ACL Logging are two ACL support
capabilities. The ability to reflect traffic that meets a permitted rule to a
particular physical port or LAG is known as circulation mirrored. Stream
mirroring is identical to redirecting, except that a duplicate of the allowed traffic
is given to the mirror interface whereas the packets is routed properly via the
equipment. Mirror and redirect characteristics cannot be used to create an ACL
rule. ACL logging allows you to keep track of how many times an ACL rule has
been "struck." When you activate ACL Recording, you add a 'log' argument to
the ACL deny rule definition, which enables equipment hit count collecting and
reporting. FASTPATH employs a four logging period, which during period trap
log lines are created for each ACL monitoring rule with a non-zero hit count
throughout that time. You can't change the logging settings.

Step 5. Installing and Configuring a Router

Step 1: Choose a location for the router.

Access the internet in Step 2....
Configure the network adapter port in Step 3....
Connect the gateway to the router in step four...
Step 5: Use an app or an online dashboard to track your progress.
Step 6: Make a login and password for yourself.
Step 7: Install and update on the router.
Create a Wi-Fi passwords in step 8.

ISPs may give clients gateways with constructed routers in some situations.
These hybrid devices are typically not designed for business contexts, and they
lack extra ports, encryption, and other features that allows users to add
applications and expand networking as your company expands.
If your gateway has an incorporated router, you'll need to configure it to disable
the router and send the WAN IP address—the distinct Public address to a
computer assigned to your accounts by your Internet provider—along with all
network traffic to your network adapter. If your router has auto-install
capabilities, use them to continue the job. For example, with the Internet
Protocol (DHCP), that distributes IP addresses to devices dynamically, you
ought to be ready to be using motor to handle IP addresses. These locations can
always be changed afterwards.

Step 6. Installing and Configuring DNS and Active Directory

Install Virtual Appliance 2008 on the second machine given to you, as shown in
the defined as the formation diagram. Connecting this desktop to the routers you
set up in step 5 with a pass connection or, if one is accessible, a networking hub.
Provide this machine a proper network number that follows the communication
protocol you created in step 1. Customize this scheme to act as a DNS server,
allowing all computers connected to resolve names. NetworkProfessionals.ca
should have been the DNS domain name. Both name to Internet address and
Destination ip to surname translation should be implemented. Install Device
Management capabilities on this computer so that it becomes the forest root
site's initial domain controller. Domain names that are somatic and cognitive can
be set to store the information of the System database in Remote Access, which
would then be duplicated to all network elements. Domain names which are not
somatic and cognitive do not have the capability of storing the DNS information
in Active Directory.
Step 7. Implementing DHCP Services

When confronted with a requirement to deploy Desktop Computer 2003 DHCP,

many administrators immediately ask, "Can't we only use our current DHCP?"
Yes and no are the answers to this question. Server Manager 2003 can receive
DHCP data from any Dns server that operates with Windows Vista or Windows
Server if you have a legacy domains and WINS connection. The Microsoft Server
2003 DHCP service is required if you wish to use the Active Directory
capabilities and maybe transition away from the old WINS structure. You must
first setup the host with an ip Address then installing DHCP. The DHCP user's
access point must be setup with a single Ip address before the DHCP services can
be installed. Follow the steps in Step by Step 3.1 to deploy the DHCP services on
your server.
Install and activate DHCP functions on Router 3 to give hosts on segments K and
L IP addresses. Ensure that the Active Directory domain controllers you just set
up in step 6 is setup with both the ip Address you provided it and not one that is
assigned periodically. Ascertain that the host labelled Linux System on the
defined as the formation diagram (see Figure 1) gets the same IP address from
the DHCP server at all times, and that this is the number you specified. For this
server, use the term 'Linux System.'

Step 8. Performing Active Directory Administration

Because this is a testing network, you'll want to create some test customers and
experiment with various setups using them. In the Device Management forest top
- level domain, create two Modules, one is for Admin team and another for
Domain Users. Generate 2 user profiles called Admin1 and Admin2 in the
Admins OU, User1 and Express permission in the Domain Users OU, and
GroupA with Login into the system and Express permission as its membership in
the DomainUsers OU. Creating, changing, and removing users, groups,
machines, and contacts are all part of managing Active Directory accounts. But
unlike traditional Active Directory Domain administrator tools, that take
numerous action to overcome each user, or PowerShell, that requires substantial
Active Directory and programming expertise, PowerShell allows you to manage
dozens of accounts in a single movement. Because preserving the safety of an
Active Directory and its assets will always be one of your top priorities, it's
critical to verify your users' identities, restrict their exposure to other services,
and govern their behaviour. Throughout its 'Reactive User Providing and Re-
provisioning Templates,' ADManager Plus dramatically simplifies the difficult
and time-consuming process of Identity and Access (IAM). In only one step, you
may grant or alter all of your customers' required permissions and permissions
based on their roles or designation using these forms.

Step 9. Adding a Second Domain Controller and Transferring FSMO Roles

To move forward with the FSMO role transference, we considered DCs that
have such a role to be active in your network. If a DC with an FSMO role is no
longer up and functional, then. When a DC which has been operating as a role
owner restarts (for example, after a loss or timeout), it does not continue acting
as the daily occupations immediately. The names of the present FSMO role
holders are included in the metadata that the DCs provide as parts of Active
Directory replicating. When the newly created DC receives the incoming
replicating data, it checks to see if it is still the role bearer. If that's the case, it
resumes normal operations. The newly launched DC voluntarily relinquished
role possession if the duplicated originally referred that yet another DC is
serving as the daily occupations. This behaviour lowers the likelihood of
duplicating FSMO role owners in the domains or forest. Using a GUI
management tool, an administration randomly assigns the role.
Using the ntdsutil /roles function, an administrator can transfer the role.
Using the Active Directory Setup Wizard, an operator gracefully denigrates a
participation DC. Any selecting a specific duties are reassigned to an existing DC
in the forest by this wizard. To use the dcpromo /forceremoval command, an
administrator can reduce a participation DC. The DC is turned off and on.
When the DC is restarted, it receives inbound replicating information indicating
that the role owner is another DC. The freshly appointed DC surrenders the
position in this situation.The present role holder is up and running, and the new
FSMO owner can connect to it via the internet. You are gently slighting a DC
that presently has FSMO responsibilities in you Active Directory forest that you
really want to assign to a particular DC. You must allocate particular FSMO
responsibilities to live DCs since the DC that presently possesses FSMO roles is
now being taken out of service for planned service. To perform activities that
affect the FSMO owner, you may need to switch roles. This is particularly true in
the case of the PDC Emulator job. For the RID director role, the Domains
nomenclature master role, and the Schema director role, this is a somewhat
pressing concern.
Step 10. Configuring a VPN Server

Open the browser of your choice.

In the search bar, type your router's LAN (interior) IP address.
Enter the password for the router...
Go to Settings > VPN Service (or Particular Project).
Allow the VPN Service to operate.

Select Configure and Add Duties and Capabilities in Admin Console on the VPN
server.
The Wizard to Add Roles & Capabilities appears.
Select First on the Before You Start page.
Select Position or functionality installation from the Choose Installation Type
screen and click Next.
Choose the Select a host from the servers pool choice on the Choose destination
server page.
Select the local machine under Server Pool and then Next.
Select Wireless Networking in Roles on the Choose server responsibilities page,
then Next.
Select Next on the Choose features page.
Select Continue on the Remote Management page.
Choose DirectAccess and VPN under Role services on the Choose role agency
website (RAS).