Professional Documents
Culture Documents
Network Design Using Access Controls and Voip: Saurav Kumar Pandey
Network Design Using Access Controls and Voip: Saurav Kumar Pandey
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.1.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip addr 172.21.0.1 255.255.0.0
Router(config-if)#no shut
Router(config)#int f0/1
Router(config-if)#ip addr 172.20.0.1 255.255.0.0
Router(config-if)#no shut
Router2
Router>en
Router#conf t
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.0.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.2.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip addr 172.17.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.16.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit contd…..
Router3
Router>en
Router#conf t
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.1.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.2.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip addr 172.19.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.18.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Frame-Relay
Frame relay is a telecommunication
service designed for cost-efficient data
transmission for intermittent traffic
between local area networks (LANs) and
between end-points in a wide area
network (WAN). Frame relay puts data in
a variable-size unit called a frame and
leaves any necessary error correction
(retransmission of data) up to the end-
points, which speeds up overall data
transmission.
Frame-relay configuration
Frame-relay config.
Router1 (frame-relay)
Router(config)#int s0/2/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#frame-relay interface-dlci 102
Router(config-if)#no shut
Router3 (frame-relay)
Router(config)#int s0/2/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#frame-relay interface-dlci 201
Router(config-if)#no shut
DHCP
DHCP Config.
Router1
Router(config)#ip dhcp pool R1
Router(dhcp-config)#network 172.20.0.0
255.255.0.0
Router(dhcp-config)#default-router 172.20.0.1
Router(dhcp-config)#exit
contd…
Router2
Router(config)#ip dhcp pool R2
Router(dhcp-config)#network 172.17.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.17.0.1
Router(dhcp-config)#exit
Router3
Router(config)#ip dhcp pool R3
Router(dhcp-config)#network 172.19.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.18.0.1
Router(dhcp-config)#exit
RIP(ROUTING INFORMATION PROTOCOL)
contd…
Router2
Router(config)#router rip
Router(config-router)#network 192.168.0.0
Router(config-router)#network 192.168.2.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 172.17.0.0
Router3
Router(config)#router rip
Router(config-router)#network 192.168.1.0
Router(config-router)#network 192.168.2.0
Router(config-router)#network 172.18.0.0
Router(config-router)#network 172.19.0.0
VLAN
In computer networking, a single layer-2 network may be
partitioned to create multiple distinct broadcast domains,
which are mutually isolated so that packets can only pass
between them via one or more routers; such a domain is
referred to as a Virtual Local Area Network, Virtual LAN or
VLAN.
Vlan config.
Switch1
Switch>en
Switch#conf t
Switch(config)#vlan 2
Switch(config-vlan)#name HR
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#name AC
Switch(config-vlan)#exit
Switch(config)#vlan 2
Switch(config-vlan)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit contd….
Switch(config)#vlan 3
Switch(config-vlan)#int f0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#int f0/6
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport mode trunk
contd…
Switch7
Switch(config)#vlan 2
Switch(config-vlan)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/3
Switch(config-if)#switchport mode access 83
contd….
Switch(config)#vlan 3
Switch(config-vlan)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#int f0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk
TELNET
Telnet is a user command and an
underlying TCP/IP protocol for accessing
remote computers. Through Telnet, an
administrator or another user can access
someone else's computer remotely.
Telnet configuration on
router2 & router3
Router2
Router(config)#line vty 0 4
Router(config-line)#password ccna1
Router(config-line)#login
Router(config-line)#exit
Router(config)#enable password ccie
Router3
Router(config)#line vty 0 4
Router(config-line)#password ccna2
Router(config-line)#login
Router(config-line)#exit
Router(config)#enable password ccie1
Accessing router 2
ACL(Access Control lists)
ACLs are basically a set of commands,
grouped together by a number or name that
is used to filter traffic entering or leaving an
interface. An access control list (ACL) is a
table that tells a computer operating system
which access rights each user has to a
particular system object.
Restricting PC10 from
accessing Router2 via
telnet
Router 3(extended ACL)
Router(config)#access-list 101 deny tcp host 172.19.0.2 host
192.168.2.1 eq 23
Router(config)#access-list 101 deny tcp host 172.19.0.2 host
172.17.0.1 eq 23
Router(config)#access-list 101 deny tcp host 172.19.0.2 host
192.168.0.2 eq 23
Router(config)#access-list 101 permit ip any any
Router(config)#int f0/0
Router(config-if)#ip access-group 101 in
Router(config-if)#exit
contd….
Restriction in accessing telnet through PC
10
Restricting PC10 from
accessing network 172.20.0.0
Router1 (standard ACL)
Router(config)#access-list 1 deny host
172.19.0.2
Router(config)#access-list 1 permit any
Router(config)#int f0/1
Router(config-if)#ip access-group 1 out
Router(config-if)#exit
Restriction in accessing the network through
PC10
VOIP
Voice over IP (voice over Internet
Protocol, VoIP) is a methodology and
group of technologies for the delivery of
voice communications and multimedia
sessions over Internet Protocol (IP)
networks, such as the Internet.
Protocols in Voip
DHCP
CALL MANAGER EXPRESS
PHONE DIRECTORY
DIAL PEER CONFIGURATION
DHCP Config. In VoIP
Router1
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.21.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.21.0.1
Router(dhcp-config)#option 150 ip 172.21.0.1
Router(dhcp-config)#exit
Router2
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.16.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.16.0.1
Router(dhcp-config)#option 150 ip 172.16.0.1
Router(dhcp-config)#exit
contd…..
Router3
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.18.0.0
255.255.0.0
Router(dhcp-config)#default-router 172.18.0.1
Router(dhcp-config)#option 150 ip 172.18.0.1
Router(dhcp-config)#exit
Call Manager express config.
Router 1
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.21.0.1
port 2000
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit
contd…..
Router2
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.16.0.1 port 2005
77
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit
Router3
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.18.0.1 port 2010
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit
contd……
Switch0
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit
Switch5
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit
Switch4
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit
contd….
Phone Directory config.
Router1
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 1101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 1102
Router(config-ephone-dn)#exit
contd…..
Router2
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 2101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 2102
Router(config-ephone-dn)#exit
Router 3
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 3101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 3102
Router(config-ephone-dn)#exit
contd…
Dial-Peer config….
Router1
Router(config)#dial-peer voice 1 voip
Router(config-dial-peer)#destination-pattern 2...
Router(config-dial-peer)#session target
ipv4:192.168.0.2
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 2 voip
Router(config-dial-peer)#destination-pattern 3...
Router(config-dial-peer)#session target
ipv4:192.168.1.2
Router(config-dial-peer)#exit
contd…
Router2
Router(config)#dial-peer voice 3 voip
Router(config-dial-peer)#destination-pattern 1...
Router(config-dial-peer)#session target ipv4:192.168.0.1
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 5 voip
Router(config-dial-peer)#destination-pattern 3...
Router(config-dial-peer)#session target ipv4:192.168.2.2
Router(config-dial-peer)#exit
Router3
Router(config)#dial-peer voice 4 voip
Router(config-dial-peer)#destination-pattern 1...
Router(config-dial-peer)#session target ipv4:192.168.1.1
Router(config-dial-peer)#exit 80
Router(config)#dial-peer voice 6 voip
Router(config-dial-peer)#destination-pattern 2...
Router(config-dial-peer)#session target ipv4:192.168.2.1
Router(config-dial-peer)#exit
contd….
Dialing phone
Connected phone
Benefits of voip
The call cost is lower, especially over
long distances
The infrastructure costs are lower:
When it became available any IP
network infrastructure is required.
This save bandwidth used. Data
packets, containing voice information
are routed over the network, encoded
in digital form.
BIBLIOGRAPHY
BOOKS
CISCO CCNA ICND2 official exam certification book
CCNA study guide access control list standard and
extended.
REFERENCES
http://www.packettracer.com/ voipconfiguration.html
http://www.packettracer.com/
VoIP_in_Cisco_Packet_Tracer.htm
http://www.howstuffworks.com/ ip-telephony.htm
http://www.wikipedia.com/ Voice_over_IP.html
http://www.louisvilleuniversity.com/intro.html
http://www.rogerdarlington.me.uk/VoIP.html
http://www.baumann.info/public/voip
Syngress Cisco Internetworking Book
THANK YOU