The Washington School District
Mike, Mark, Joy, Armando, & Mona

Overview
• R E Miller, Acacia, Desert View, & Mountain Sky
• Class B Address
• WAN - PPP, Frame Relay, ISDN, OSPF
• LAN - Extended Star, TCP/IP, IGRP
• Security
• Cost

Addressing
• Class B - 145.29.0.0
• VLANs for Administrative and Students
• Administrative and network printers will be static
• Students will use DHCP

Class B 145.29.0.0
Subnet mask - 255.255.255.0
Used 8 bits for subnets (total usable 254)
8 bits left for hosts/subnet (total usable 254)
145.29.1.0 - 145.29.10.0 WAN routers

Desert View 145.29.20.0 - 145.29.24.0
E0 = 145.29.20.1
Admin Addresses 145.29.20.100 - 145.29.20.254
Students 145.29.21.0
Printers 145.29.22.0

Acacia 145.29.25.0 - 145.29.29.0
E0 = 145.29.25.1
Admin Addresses 145.29.25.100 - 145.29.25.254
Students 145.29.26.0
Printers 145.29.27.0

Mountain Sky 145.29.30.0 - 145.29.34.0
E0 = 145.29.30.1
Admin Addresses 145.29.30.100 - 145.29.30.254
Students 145.29.31.0
Printers 145.29.32.0

RE Miller 145.29.35.0 - 145.29.39.0
E0 = 145.29.35.1
Admin Addresses 145.29.35.100 - 145.29.35.254
Students 145.29.36.0
Printers 145.29.37.0

WAN
• T1 using Frame Relay to the Internet
• 4 T1s between District Office, Shaw Butte, Service Center
• Upgrade to DS3 for growth
• PPP
• T1 from each school to its District hub
• Backup TSU ESP
• Each District hub will be an Area Border Router; this provides for the requirement of one AS number
• Additional router at Data Center going to the Internet, along with access lists, fulfills requirement for double firewall

LAN
• Gigabit Backbone
• Fiber from MDF to each BLDG
• Fiber from IDF to IDF and from MDF to IDF within building
• Router connects WAN link (T1) and provides security and routing for VLANs

LAN (cont’d)
• MDF - switch with router capabilities
• Server Central
• DNS/DHCP
• Email
• Administrative
• Student
• Print
• Application and CD Stack
• Misc. - DLT Tape Drives, UPS, Racks

LAN (cont’d)
• IDF
• 7 drops to each class
• 28 ports - students (24), teacher (3), network printer (1)
• 100 Mbps to each node
• Full duplex

Security
• Administrative user ID and password
• VLANs
• Access Lists

VLANs
• VLAN 1 - Administration
• VLAN 2 - Students
• Configure ports on switch for each VLAN
• Use Ethernet sub interfaces - E0/1
• Configure uplinks to trunk each VLAN
• Full duplex
• Use Spanning Tree Protocol (STP)
• Creates a transparent switch

VLANs (cont’d)
• IGRP - AS# (Internet Assigned Numbers Authority)
• Configure router with virtual interfaces
• Virtual Ethernet sub interfaces must be configured to match switch Ethernet sub interfaces
• This is needed because of the 5500 series router/switch we are using

Access Lists
• Used for double firewall
• WAN
• Use access lists to allow traffic from Internet and Intranet to access servers located in DMZ
• Examples (list 101 is applied inbound on S1, list 102 inbound on E1):
• access-list 101 permit tcp any any eq 80
• access-list 101 permit tcp any any eq 25
• access-list 101 permit tcp any any eq 53
• access-list 101 permit tcp any any eq 21
• access-list 101 deny tcp any any
• access-list 101 deny udp any any
• access-list 102 permit tcp any any eq 80
• access-list 102 permit tcp any any eq 25
• access-list 102 permit tcp any any eq 53
• access-list 102 permit tcp any any eq 21

Access List - LAN
• Access-list 105 denies TCP from the student subnet to the administrative server and denies student access to the administrative subnet
• Example (extended access lists take wildcard masks, so a /24 subnet is written with 0.0.0.255 and a single server with the host keyword):
• access-list 105 deny tcp 145.29.21.0 0.0.0.255 host 145.29.20.22
• access-list 105 deny tcp 145.29.21.0 0.0.0.255 145.29.20.0 0.0.0.255
• access-list 105 permit ip any any
• Applied on E0 interface inbound
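
Extended access lists compare addresses with wildcard (inverse) masks and stop at the first matching entry. The sketch below is an added example, not part of the original slides: it evaluates list 105 for the Desert View student and administrative subnets and shows how a value such as 255.255.0.255 in the wildcard position widens the match. It models TCP packets only, and every function and variable name is hypothetical.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: a 1 bit means 'ignore', a 0 bit means 'must match'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF  # bits that have to be equal
    return (a & care) == (b & care)

def evaluate(acl, src, dst):
    """Return the action of the first matching entry; no match is the implicit deny."""
    for action, (s_base, s_wild), (d_base, d_wild) in acl:
        if wildcard_match(src, s_base, s_wild) and wildcard_match(dst, d_base, d_wild):
            return action
    return "deny"

ANY = ("0.0.0.0", "255.255.255.255")
STUDENTS = ("145.29.21.0", "0.0.0.255")       # Desert View student subnet
ADMIN_NET = ("145.29.20.0", "0.0.0.255")      # Desert View administrative subnet
ADMIN_SERVER = ("145.29.20.22", "0.0.0.0")    # equivalent to 'host 145.29.20.22'

# List 105 with /24 wildcard masks (TCP entries only).
ACL_105 = [
    ("deny", STUDENTS, ADMIN_SERVER),
    ("deny", STUDENTS, ADMIN_NET),
    ("permit", ANY, ANY),
]

# Same intent, but with 255.255.0.255 in the wildcard position: only the
# third octet is compared, so any source whose third octet is 21 matches.
LOOSE_STUDENTS = ("145.29.21.0", "255.255.0.255")
ACL_105_LOOSE = [
    ("deny", LOOSE_STUDENTS, ADMIN_NET),
    ("permit", ANY, ANY),
]

if __name__ == "__main__":
    # Constructed sample packets: (source, destination)
    samples = [
        ("145.29.21.50", "145.29.20.22"),   # student -> admin server
        ("145.29.21.50", "145.29.22.10"),   # student -> printer subnet
        ("145.29.20.150", "145.29.20.22"),  # admin -> admin server
        ("10.1.21.7", "145.29.20.22"),      # unrelated source, third octet 21
    ]
    for src, dst in samples:
        print(src, "->", dst, "strict:", evaluate(ACL_105, src, dst),
              "loose:", evaluate(ACL_105_LOOSE, src, dst))
```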