Privacy Policy

Valutazione attuale: 1 / 5

Stella attivaStella inattivaStella inattivaStella inattivaStella inattiva
 

Switch.com is an IT company that has an existing enterprise network comprised of two layer 2 only switch; DSW1 and ASW1. The topology diagram indicates their layer 2 mapping. VLAN 20 is a new VLAN that will be used to provide the shipping personnel access to the server. Corporate polices do not allow layer 3 functionality to be enabled on the switch. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:
  • User connecting to VLAN 20 via pot f0/1 on ASW1 must be authenticated before they are given access to the network. Authentication is to be done via a Radius server:
  • Radius key: rad123
  • Authentication should be implemented as close to the host ad possibile
  • Device on VLAN 20 are restricted to the subnet of 172.120.40.0/24 
  • Packets from devices in the subnet of 172.120.40.0/24 should be allowed on VLAN20.
  • Packets form devices in any other address range should be dropped on VLAN20.
  • Filtering should be implemented as close to the serverfarm as possible.
The Radius server and application server will be installed at a future date. You have been tasked with implementing the above access control as a pre.condition to installing the servers. You must use the available IOS switch features






C e r t i f i c a z i o n i