Part 1: Configure Basic Switch Security Configure the following on S1: o Privileged EXEC mode encrypted password is ciscoenpa44. o Console line password is ciscoconpa44, exec-timeout is 10 minutes, and enable login. o Password for the VTY lines is ciscovtypa44, exec-timeout is 10 minutes, enable login, and add the logging synchronous command. o Encrypt all plaintext passwords. Configure the following on S3: o An MOTD banner should include the word unauthorized. o Shut down all unused physical ports on the switch. o Enable port security on F0/3, where the MAC address should be dynamically learned and added to the running configuration. Part 2: Configure Basic Router Security Configure the following on R3: o Minimum password length is 10 characters. o Privileged EXEC mode encrypted password is ciscoenpa44. Enable SSH connections on R3as follows: o The domain name is skillsexam.com o It will only allow 2 authentication attempts. o It will timeout after 120 seconds. o Create a user account of Admin03 in the local database of the router with a secret password of Admin03pa44. o The RSA key should be generated with 1024 modulus bits. o Only SSH is allowed on the VTY lines. o Verify the SSH configuration SSH to R3 from the command prompt of PC-B and PC-C. Part 3: Configure AAA Authentication Configure AAA Local Authenticationon R2 as follows: o Create a local user account of Admin02 with a secret password of Admin02pa44. o Enable AAA services. o Configure a named list called Co-Login to authenticate logins using local AAA. o Configure the line console to use the defined named AAA method. o Verify the user EXEC login using the local database. Part 4: Configure Access Control Lists Configure a Numbered IP ACL 110 on R3 as follows: o Verify that PC-A can access both HTTP and HTTPS services on the Web Server. o Create a Numbered IP ACL 110 that permit any outside host to only access HTTPS service on the Web Server. o Apply the created access list to incoming traffic on interface S0/0/1. o Verify that PC-A can only access HTTPS service on the Web Server; PC-A cannot access HTTP service anymore.
plz solve
Provided with the topology, the addressing table, you are asked to configure the devices based on the questions below.
Addressing Table:
Device |
Interface |
IP Address |
Subnet Mask |
Default Gateway |
R1 |
G0/0 |
10.10.10.1 |
255.255.255.0 |
N/A |
S0/0/0 |
172.20.20.1 |
255.255.255.252 |
N/A |
|
R2 |
S0/0/0 |
172.20.20.2 |
255.255.255.252 |
N/A |
S0/0/1 |
172.30.30.2 |
255.255.255.252 |
N/A |
|
R3 |
G0/0 |
10.20.20.1 |
255.255.255.0 |
N/A |
S0/0/1 |
172.30.30.1 |
255.255.255.252 |
N/A |
|
PC-A |
NIC |
10.10.10.5 |
255.255.255.0 |
10.10.10.1 |
RADIUS Server |
NIC |
10.10.10.10 |
255.255.255.0 |
10.10.10.1 |
PC-B |
NIC |
10.20.20.5 |
255.255.255.0 |
10.20.20.1 |
PC-C |
NIC |
10.20.20.6 |
255.255.255.0 |
10.20.20.1 |
Web Server |
NIC |
10.20.20.10 |
255.255.255.0 |
10.20.20.1 |
Part 1: Configure Basic Switch Security
- Configure the following on S1:
o Privileged EXEC mode encrypted password is ciscoenpa44.
o Console line password is ciscoconpa44, exec-timeout is 10 minutes, and enable login.
o Password for the VTY lines is ciscovtypa44, exec-timeout is 10 minutes, enable login, and add the logging synchronous command.
o Encrypt all plaintext passwords.
- Configure the following on S3:
o An MOTD banner should include the word unauthorized.
o Shut down all unused physical ports on the switch.
o Enable port security on F0/3, where the MAC address should be dynamically learned and added to the running configuration.
Part 2: Configure Basic Router Security
- Configure the following on R3:
o Minimum password length is 10 characters.
o Privileged EXEC mode encrypted password is ciscoenpa44.
- Enable SSH connections on R3as follows:
o The domain name is skillsexam.com
o It will only allow 2 authentication attempts.
o It will timeout after 120 seconds.
o Create a user account of Admin03 in the local
o The RSA key should be generated with 1024 modulus bits.
o Only SSH is allowed on the VTY lines.
o Verify the SSH configuration SSH to R3 from the command prompt of PC-B and PC-C.
Part 3: Configure AAA Authentication
- Configure AAA Local Authenticationon R2 as follows:
o Create a local user account of Admin02 with a secret password of Admin02pa44.
o Enable AAA services.
o Configure a named list called Co-Login to authenticate logins using local AAA.
o Configure the line console to use the defined named AAA method.
o Verify the user EXEC login using the local database.
Part 4: Configure Access Control Lists
- Configure a Numbered IP ACL 110 on R3 as follows:
o Verify that PC-A can access both HTTP and HTTPS services on the Web Server.
o Create a Numbered IP ACL 110 that permit any outside host to only access HTTPS service on the Web Server.
o Apply the created access list to incoming traffic on interface S0/0/1.
o Verify that PC-A can only access HTTPS service on the Web Server; PC-A cannot access HTTP service anymore.
![RADIUS Server
10.10.10.10
10.10.10.0/24
Fa0/3
Fa0/1
Fa0/2
PC-A
10.10.10.5
172.20.20.0/30
GO/O
R1
50/0/0
S0/0/0
DCE
R2 S0/0/1
172.30.30.0/30
S0/0/1
DCE
R3
GO/O
Fa0/2
PC-8
10.20.20.5
10.20.20.0/24
Fa0/1
S3
Fa0/4
Fa0/3
PC-C
10.20.20.6
Web Server
10.20.20.10](/v2/_next/image?url=https%3A%2F%2Fcontent.bartleby.com%2Fqna-images%2Fquestion%2F39e4b1ad-1bdb-4ac3-baa3-6bcaa0c50b02%2F7e29571e-ca3c-45fe-8e0c-00ea7042ef1a%2Fswynf5a_processed.jpeg&w=3840&q=75)
![](/static/compass_v2/shared-icons/check-mark.png)
Trending now
This is a popular solution!
Step by step
Solved in 6 steps with 2 images
![Blurred answer](/static/compass_v2/solution-images/blurred-answer.jpg)
![Computer Networking: A Top-Down Approach (7th Edi…](https://www.bartleby.com/isbn_cover_images/9780133594140/9780133594140_smallCoverImage.gif)
![Computer Organization and Design MIPS Edition, Fi…](https://www.bartleby.com/isbn_cover_images/9780124077263/9780124077263_smallCoverImage.gif)
![Network+ Guide to Networks (MindTap Course List)](https://www.bartleby.com/isbn_cover_images/9781337569330/9781337569330_smallCoverImage.gif)
![Computer Networking: A Top-Down Approach (7th Edi…](https://www.bartleby.com/isbn_cover_images/9780133594140/9780133594140_smallCoverImage.gif)
![Computer Organization and Design MIPS Edition, Fi…](https://www.bartleby.com/isbn_cover_images/9780124077263/9780124077263_smallCoverImage.gif)
![Network+ Guide to Networks (MindTap Course List)](https://www.bartleby.com/isbn_cover_images/9781337569330/9781337569330_smallCoverImage.gif)
![Concepts of Database Management](https://www.bartleby.com/isbn_cover_images/9781337093422/9781337093422_smallCoverImage.gif)
![Prelude to Programming](https://www.bartleby.com/isbn_cover_images/9780133750423/9780133750423_smallCoverImage.jpg)
![Sc Business Data Communications and Networking, T…](https://www.bartleby.com/isbn_cover_images/9781119368830/9781119368830_smallCoverImage.gif)