NETWORK DESIGN USING ACCESS
CONTROLS AND VOIP
CONTENTS
Abstract
Network Topology
Frame – Relay
DHCP
Routing Protocol
VLAN
ABSTRACT
To deploy well-designed computer networks supporting
converged applications of data, audio, and video.
To support better performance, resilience, security,
maintainability.
This is to propose a network model that can be implemented
in diferent network environments and also be used to implement MAN, WAN.
Use of Voice over Internet Protocol technology allows to make
a phone call using an Internet connection or a dedicated
network that uses the IP protocol, rather than go through the normal telephone line.
This save bandwidth used. Data packets, containing voice
information are routed over the network, encoded in digital form.
To flters & check unauthorized trafc that travels across the
network.
The major objective of this network design is to allow only the
Network description
•
This network has a total number of 3 locations
locations; 1 Head ofce,and other two are
Branch ofce-A and Branch Ofce-B.
•
The routers used are 2811
•
Also have opted for 2960 switches
•
Have added PC's as voice functionality can be
added to those if desired and to check whether
both the network could ping each other or not
and for various operational functionalities.
•
Have kept IPV4 addressing sceme to the
various networks.
•
The Head ofce and the Branch ofce-A are
Router confguration
Router 1
Router>en Router#conf t
Router(confg)#int s 0/2/0
Router(confg-if)#ip addr 192.168.0.1 255.255.255.0 Router(confg-if)#no shut
Router(confg-if)#exit Router(confg)#int s0/3/0
Router(confg-if)#ip addr 192.168.1.1 255.255.255.0 Router(confg-if)#clock rate 64000
Router(confg-if)#no shut Router(confg-if)#exit Router(confg)#int f0/0
Router(confg-if)#ip addr 172.21.0.1 255.255.0.0 Router(confg-if)#no shut
Router(confg)#int f0/1
Router(confg-if)#ip addr 172.20.0.1 255.255.0.0 Router(confg-if)#no shut
Router2
Router>en Router#conf t
Router(confg)#int s0/2/0
Router(confg-if)#ip addr 192.168.0.2 255.255.255.0 Router(confg-if)#no shut
Router(confg-if)#exit
Router(confg)#int s0/3/0
Router(confg-if)#ip addr 192.168.2.1 255.255.255.0 Router(confg-if)#clock rate 64000
Router(confg-if)#no shut Router(confg-if)#exit
Router(confg)#int f0/0
Router(confg-if)#ip addr 172.17.0.1 255.255.0.0 Router(confg-if)#no shut
Router(confg-if)#exit Router(confg)#int f0/1
Router(confg-if)#ip addr 172.16.0.1 255.255.0.0 Router(confg-if)#no shut
Router3
Router>en Router#conf t
Router(confg)#int s0/3/0
Router(confg-if)#ip addr 192.168.1.2 255.255.255.0 Router(confg-if)#no shut
Router(confg-if)#exit Router(confg)#int s0/2/0
Router(confg-if)#ip addr 192.168.2.2 255.255.255.0 Router(confg-if)#no shut
Router(confg-if)#exit Router(confg)#int f0/0
Router(confg-if)#ip addr 172.19.0.1 255.255.0.0 Router(confg-if)#no shut
Router(confg-if)#exit Router(confg)#int f0/1
Router(confg-if)#ip addr 172.18.0.1 255.255.0.0 Router(confg-if)#no shut
Frame-Relay
Frame relay is a telecommunication
service designed for cost-efcient data
transmission for intermittent trafc
between local area networks (LANs)
and between end-points in a wide area
network (WAN). Frame relay puts data
in a variable-size unit called a frame
and leaves any necessary error
correction (retransmission of data) up
to the end-points, which speeds up
Frame-relay confg.
Router1 (frame-relay)
Router(confg)#int s0/2/0
Router(confg-if)#encapsulation frame-relay
Router(confg-if)#frame-relay lmi-type cisco
Router(confg-if)#frame-relay interface-dlci 102
Router(confg-if)#no shut
Router3 (frame-relay)
Router(confg)#int s0/2/0
Router(confg-if)#encapsulation frame-relay
Router(confg-if)#frame-relay lmi-type cisco
DHCP Confg.
Router1
Router(confg)#ip dhcp pool R1
Router(dhcp-confg)#network 172.20.0.0
255.255.0.0
Router(dhcp-confg)#default-router 172.20.0.1
Router(dhcp-confg)#exit
Router2
Router(confg)#ip dhcp pool R2
Router(dhcp-confg)#network 172.17.0.0
255.255.0.0
Router(dhcp-confg)#default-router 172.17.0.1
Router(dhcp-confg)#exit
Router3
Router(confg)#ip dhcp pool R3
Router(dhcp-confg)#network 172.19.0.0
255.255.0.0
RIP(ROUTING INFORMATION PROTOCOL)
It is a dynamic routing protocol
technique
RIP prevents routing loops by
implementing a limit on the number of
hops allowed in a path from the source
to a destination. The maximum
RIP Confg.
Router1
Router(confg)#router rip
Router(confg-router)#network
192.168.0.0
Router(confg-router)#network
192.168.1.0
Router(confg-router)#network 172.20.0.0
Router(confg-router)#network 172.21.0.0
Router2
Router(confg)#router rip
Router(confg-router)#network 192.168.0.0
Router(confg-router)#network 192.168.2.0
Router(confg-router)#network 172.16.0.0
Router(confg-router)#network 172.17.0.0
Router3
Router(confg)#router rip
VLAN
In computer networking, a single layer-2 network may
Vlan confg.
Switch1
Switch>en Switch#conf t
Switch(confi)#vlan 2
Switch(confg-vlan)#name HR Switch(confg-vlan)#exit
Switch(confg)#vlan 3
Switch(confg-vlan)#name AC Switch(confg-vlan)#exit
Switch(confi)#vlan 2
Switch(confg-vlan)#int f0/3
Switch(confg-if)#switchport mode access Switch(confg-if)#switchport access vlan 2 Switch(confg-if)#int f0/4
Switch(confg-if)#switchport mode access Switch(confg-if)#switchport access vlan 2
Switch(confi)#vlan 3
Switch(confg-vlan)#int f0/5
Switch(confg-if)#switchport mode access
Switch(confg-if)#switchport access vlan 3
Switch(confg-if)#int f0/6
Switch(confg-if)#switchport mode access
Switch(confg-if)#switchport access vlan 3
Switch(confg-if)#exit
Switch(confg)#int f0/2
Switch(confg-if)#switchport mode trunk
(trunk is used to connect one switch with another
switch)
Switch7
Switch(confi)#vlan 2
Switch(confg-vlan)#int f0/2
Switch(confg-if)#switchport mode access
Switch(confg-if)#switchport access vlan 2
Switch(confg-if)#int f0/3
Switch(confg-if)#switchport mode access
83
Switch(confg-if)#switchport access vlan 2
Switch(confg-if)#exit
Switch(confi)#vlan 3
Switch(confg-vlan)#int f0/4
Switch(confg-if)#switchport mode access
Switch(confg-if)#switchport access vlan 3
Switch(confg-if)#int f0/5
Switch(confg-if)#switchport mode access
Switch(confg-if)#switchport access vlan 3
Switch(confg-if)#exit
Switch(confg)#int f0/1
TELNET
Telnet is a user command and an
underlying TCP/IP protocol for
accessing remote computers. Through
Telnet, an administrator or another
Telnet confguration on
router2 & router3
Router2
Router(confg)#line vty 0 4
Router(confg-line)#password ccna1
Router(confg-line)#login
Router(confg-line)#exit
Router(confg)#enable password ccie
Router3
Router(confg)#line vty 0 4
Router(confg-line)#password ccna2
Router(confg-line)#login
Router(confg-line)#exit
ACL(Access Control lists)
ACLs are basically a set of commands,
grouped together by a number or
name that is used to flter trafc
entering or leaving an interface. An
access control list (ACL) is a table that
tells a computer operating system
Restrictini PC10 from
accessini Router2 via
telnet
Router 3(extended ACL)
Router(confg)#access-list 101 deny tcp host 172.19.0.2 host 192.168.2.1 eq 23
Router(confg)#access-list 101 deny tcp host 172.19.0.2 host 172.17.0.1 eq 23
Router(confg)#access-list 101 deny tcp host 172.19.0.2 host 192.168.0.2 eq 23
Router(confg)#access-list 101 permit ip any any Router(confg)#int f0/0
Router(confg-if)#ip access-group 101 in Router(confg-if)#exit
Restrictini PC10 from
accessini network 172.20.0.0
Router1 (standard ACL)
Router(confg)#access-list 1 deny host
172.19.0.2
Router(confg)#access-list 1 permit any
Router(confg)#int f0/1
VOIP
Voice over IP
(
voice over Internet
Protocol
,
VoIP
) is a methodology and
group of technologies for the delivery
of voice communications and
Protocols in Voip
DHCP
CALL MANAGER EXPRESS
PHONE DIRECTORY
DHCP Confg. In VoIP
Router1Router(confg)#ip dhcp pool voice
Router(dhcp-confg)#network 172.21.0.0 255.255.0.0 Router(dhcp-confg)#default-router 172.21.0.1
Router(dhcp-confg)#option 150 ip 172.21.0.1 Router(dhcp-confg)#exit
Router2
Router(confg)#ip dhcp pool voice
Router(dhcp-confg)#network 172.16.0.0 255.255.0.0 Router(dhcp-confg)#default-router 172.16.0.1
Router(dhcp-confg)#option 150 ip 172.16.0.1 Router(dhcp-confg)#exit
Router3
Router(confg)#ip dhcp pool voice
Router(dhcp-confg)#network 172.18.0.0
255.255.0.0
Router(dhcp-confg)#default-router
172.18.0.1
Router(dhcp-confg)#option 150 ip
172.18.0.1
Call Manager express
confg.
Router 1
Router(confg)#telephony-service
Router(confg-telephony)#max-dn 5
Router(confg-telephony)#max-ephones 5
Router(confg-telephony)#ip source-addr
172.21.0.1 port 2000
Router(confg-telephony)#auto assign 4 to 6
Router(confg-telephony)#auto assign 1 to 5
Router(confg-telephony)#exit
Router2
Router(confg)#telephony-service Router(confg-telephony)#max-dn 5
Router(confg-telephony)#max-ephones 5
Router(confg-telephony)#ip source-addr 172.16.0.1 port 2005 77 Router(confg-telephony)#auto assign 4 to 6
Router(confg-telephony)#auto assign 1 to 5 Router(confg-telephony)#exit
Router3
Router(confg)#telephony-service Router(confg-telephony)#max-dn 5
Router(confg-telephony)#max-ephones 5
Router(confg-telephony)#ip source-addr 172.18.0.1 port 2010 Router(confg-telephony)#auto assign 4 to 6
Router(confg-telephony)#auto assign 1 to 5 Router(confg-telephony)#exit
Switch0
Switch(confg)#int range f0/1-5
Switch(confg-if-range)#switchport mode access Switch(confg-if-range)#switchport voice vlan 1 Switch(confg-if-range)#exit
Switch5
Switch(confg)#int range f0/1-5
Switch(confg-if-range)#switchport mode access Switch(confg-if-range)#switchport voice vlan 1 Switch(confg-if-range)#exit
Switch4
Switch(confg)#int range f0/1-5
Switch(confg-if-range)#switchport mode access Switch(confg-if-range)#switchport voice vlan 1 Switch(confg-if-range)#exit
Phone Directory confg.
Router1
Router(confg)#ephone-dn 1
Router(confg-ephone-dn)#number 1101
Router(confg-ephone-dn)#exit
Router(confg)#ephone-dn 2
Router(confg-ephone-dn)#number 1102
Router(confg-ephone-dn)#exit
Router2
Router(confg)#ephone-dn 1
Router(confg-ephone-dn)#number 2101
Router(confg-ephone-dn)#exit
Router(confg)#ephone-dn 1
Router(confg-ephone-dn)#number 2102
Router(confg-ephone-dn)#exit
Router 3
Router(confg)#ephone-dn 1
Router(confg-ephone-dn)#number 3101
Router(confg-ephone-dn)#exit
Router(confg)#ephone-dn 1
Router(confg-ephone-dn)#number 3102
Router(confg-ephone-dn)#exit
Dial-Peer confg….
Router1
Router(confg)#dial-peer voice 1 voip
Router(confg-dial-peer)#destination-pattern 2...
Router(confg-dial-peer)#session target
ipv4:192.168.0.2
Router(confg-dial-peer)#exit
Router(confg)#dial-peer voice 2 voip
Router(confg-dial-peer)#destination-pattern 3...
Router(confg-dial-peer)#session target
ipv4:192.168.1.2
Router(confg-dial-peer)#exit
Router2
Router(confg)#dial-peer voice 3 voip
Router(confg-dial-peer)#destination-pattern 1...
Router(confg-dial-peer)#session target ipv4:192.168.0.1 Router(confg-dial-peer)#exit
Router(confg)#dial-peer voice 5 voip
Router(confg-dial-peer)#destination-pattern 3...
Router(confg-dial-peer)#session target ipv4:192.168.2.2 Router(confg-dial-peer)#exit
Router3
Router(confg)#dial-peer voice 4 voip
Router(confg-dial-peer)#destination-pattern 1...
Router(confg-dial-peer)#session target ipv4:192.168.1.1 Router(confg-dial-peer)#exit 80
Router(confg)#dial-peer voice 6 voip
Router(confg-dial-peer)#destination-pattern 2...
Router(confg-dial-peer)#session target ipv4:192.168.2.1 Router(confg-dial-peer)#exit
Benefts of voip
The call cost is lower, especially
over long distances
The infrastructure costs are
lower: When it became available
any IP network infrastructure is
required.
This save bandwidth used. Data
packets, containing voice
BIBLIOGRAPHY
BOOKS CISCO CCNA ICND2 ofcial exam certifcation book CCNA study guide access control list standard and
extended.
REFERENCES
http://www.packettracer.com/ voipconfguration.html http://www.packettracer.com/
VoIP_in_Cisco_Packet_Tracer.htm
http://www.howstufworks.com/ ip-telephony.htm http://www.wikipedia.com/ Voice_over_IP.html http://www.louisvilleuniversity.com/intro.html http://www.rogerdarlington.me.uk/VoIP.html http://www.baumann.info/public/voip
