
Network Design Using Access Controls and Voip

This document describes a network design using access controls, VLANs, and VoIP. It includes the network topology with 3 locations connected by routers and Frame Relay. Configuration details are provided for the routers, including interfaces, RIP routing, and Frame Relay. Switch configuration shows VLAN setup. The document also covers Telnet access, ACLs to restrict traffic, and VoIP protocols including DHCP for IP phone provisioning.

Uploaded by

RasakiRraski

NETWORK DESIGN USING ACCESS CONTROLS AND VOIP

Saurav Kumar Pandey

CONTENTS
Abstract
Network Topology
Frame Relay
DHCP
Routing Protocol
VLAN
Telnet
ACL
VoIP

ABSTRACT
To deploy well-designed computer networks supporting converged applications of data, audio, and video.
To support better performance, resilience, security, and maintainability.
To propose a network model that can be implemented in different network environments and can also be used to implement a MAN or WAN.
Voice over Internet Protocol (VoIP) technology allows a phone call to be made over an Internet connection or a dedicated network that uses the IP protocol, rather than over the normal telephone line.
This saves bandwidth: data packets containing voice information, encoded in digital form, are routed over the network.
To filter and check unauthorized traffic that travels across the network.
The major objective of this network design is to allow only genuine users to access the network and to prevent intruders from accessing it.

NETWORK TOPOLOGY

Network description

This network has a total of 3 locations: 1 Head office and two branch offices, Branch Office-A and Branch Office-B.
The routers used are 2811.
The switches used are 2960.
PCs have been added, since voice functionality can be added to them if desired, to check whether the networks can ping each other, and for various other operational functions.
An IPv4 addressing scheme is used for the various networks.
The Head office and Branch Office-A are connected via a leased line (Frame Relay).

Router configuration
Router 1
Router>en
Router#conf t
Router(config)#int s 0/2/0
Router(config-if)#ip addr 192.168.0.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.1.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip addr 172.21.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.20.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit

Router2
Router>en
Router#conf t
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.0.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.2.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip addr 172.17.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.16.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit

Router3
Router>en
Router#conf t
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.1.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.2.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip addr 172.19.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.18.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit

Frame-Relay
Frame relay is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN). Frame relay puts data in a variable-size unit called a frame and leaves any necessary error correction (retransmission of data) up to the end-points, which speeds up overall data transmission.

Frame-relay configuration

Frame-relay config.
Router1 (frame-relay)
Router(config)#int s0/2/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#frame-relay interface-dlci 102
Router(config-if)#no shut

Router3 (frame-relay)
Router(config)#int s0/2/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#frame-relay interface-dlci 201
Router(config-if)#no shut

DHCP

DHCP Config.
Router1
Router(config)#ip dhcp pool R1
Router(dhcp-config)#network 172.20.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.20.0.1
Router(dhcp-config)#exit

Router2
Router(config)#ip dhcp pool R2
Router(dhcp-config)#network 172.17.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.17.0.1
Router(dhcp-config)#exit
Router3
Router(config)#ip dhcp pool R3
Router(dhcp-config)#network 172.19.0.0 255.255.0.0
! default-router is Router3 f0/0 (172.19.0.1), the interface on the 172.19.0.0 network
Router(dhcp-config)#default-router 172.19.0.1
Router(dhcp-config)#exit

RIP(ROUTING INFORMATION PROTOCOL)


It is a dynamic routing protocol technique.
RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination. The maximum number of hops allowed for RIP is 15.

RIP Config.
Router1
Router(config)#router rip
Router(config-router)#network 192.168.0.0
Router(config-router)#network 192.168.1.0
Router(config-router)#network 172.20.0.0
Router(config-router)#network 172.21.0.0

Router2
Router(config)#router rip
Router(config-router)#network 192.168.0.0
Router(config-router)#network 192.168.2.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 172.17.0.0

Router3
Router(config)#router rip
Router(config-router)#network 192.168.1.0
Router(config-router)#network 192.168.2.0
Router(config-router)#network 172.18.0.0
Router(config-router)#network 172.19.0.0

VLAN

In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN or VLAN.

Vlan config.
Switch1
Switch>en
Switch#conf t
Switch(config)#vlan 2
Switch(config-vlan)#name HR
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#name AC
Switch(config-vlan)#exit
Switch(config)#vlan 2
Switch(config-vlan)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit

Switch(config)#vlan 3
Switch(config-vlan)#int f0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#int f0/6
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit

Switch(config)#int f0/2
Switch(config-if)#switchport mode trunk
(trunk is used to connect one switch with another switch)

Switch7
Switch(config)#vlan 2
Switch(config-vlan)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit

Switch(config)#vlan 3
Switch(config-vlan)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#int f0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit

Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk

TELNET
Telnet is a user command and an underlying TCP/IP protocol for accessing remote computers. Through Telnet, an administrator or another user can access someone else's computer remotely.

Telnet configuration on router2 & router3
Router2
Router(config)#line vty 0 4
Router(config-line)#password ccna1
Router(config-line)#login
Router(config-line)#exit
Router(config)#enable password ccie
Router3
Router(config)#line vty 0 4
Router(config-line)#password ccna2
Router(config-line)#login
Router(config-line)#exit
Router(config)#enable password ccie1

Accessing router 2
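
A small audit of the Router2 settings above, written in Python as an added example (not part of the original slides): it flags the `enable password`, the shared vty line password, and the absence of SSH-only transport and of a vty `access-class`. The running-config layout, the finding names and the HARDENED contrast sample (user `admin`, ACL 10, placeholder secrets) are assumptions made for illustration.

```python
# Remote-access settings for Router2 as given on the page, laid out in
# running-config style (constructed layout; commands and values are the page's).
ROUTER2 = """\
enable password ccie
line vty 0 4
 password ccna1
 login
"""
# Constructed contrast case: 'admin', ACL number 10 and the <...> values are
# placeholders, not values from the page.
HARDENED = """\
enable secret <placeholder>
username admin secret <placeholder>
line vty 0 4
 access-class 10 in
 transport input ssh
 login local
"""

def sections(config):
    """Map each top-level command to the indented sub-commands under it."""
    out, current = {}, None
    for raw in config.splitlines():
        if not raw.strip():
            continue
        if raw[0] != " ":
            current = raw.strip()
            out[current] = []
        elif current is not None:
            out[current].append(raw.strip())
    return out

def audit(config):
    """Return finding codes for weak remote-access settings."""
    sec, findings = sections(config), []
    # 'enable password' is kept in clear text (or reversible type 7 encoding);
    # 'enable secret' stores a hash instead.
    if any(k.startswith("enable password") for k in sec):
        findings.append("ENABLE_PASSWORD")
    for name, body in sec.items():
        if not name.startswith("line vty"):
            continue
        if "transport input ssh" not in body:
            findings.append("VTY_NOT_SSH_ONLY")      # Telnet is not excluded
        if "login" in body:
            findings.append("VTY_SHARED_PASSWORD")   # line password, no per-user login
        if not any(c.startswith("access-class ") for c in body):
            findings.append("VTY_NO_ACCESS_CLASS")   # no source restriction on the vty
    return findings
```
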

ACL(Access Control lists)


ACLs are basically a set of commands, grouped together by a number or name, that is used to filter traffic entering or leaving an interface. An access control list (ACL) is a table that tells a computer operating system which access rights each user has to a particular system object.

Restricting PC10 from accessing Router2 via telnet
Router 3(extended ACL)
Router(config)#access-list 101 deny tcp host 172.19.0.2 host 192.168.2.1 eq 23
Router(config)#access-list 101 deny tcp host 172.19.0.2 host 172.17.0.1 eq 23
Router(config)#access-list 101 deny tcp host 172.19.0.2 host 192.168.0.2 eq 23
Router(config)#access-list 101 permit ip any any
Router(config)#int f0/0
Router(config-if)#ip access-group 101 in
Router(config-if)#exit

Restriction in accessing telnet through PC 10

Restricting PC10 from accessing network 172.20.0.0
Router1 (standard ACL)
Router(config)#access-list 1 deny host 172.19.0.2
Router(config)#access-list 1 permit any
Router(config)#int f0/1
Router(config-if)#ip access-group 1 out
Router(config-if)#exit

Restriction in accessing the network through PC10
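
The two ACLs above evaluated in Python with IOS first-match and implicit-deny semantics, as an added example that is not part of the original slides; it also checks ACL 101 against every Router2 interface address configured earlier on the page. The destination 172.20.0.10 is a constructed host address, and only the `any` and `host` address forms used on this page are parsed.

```python
import ipaddress

# ACL lines copied from the page (wrapped lines joined).
ACL_101 = """access-list 101 deny tcp host 172.19.0.2 host 192.168.2.1 eq 23
access-list 101 deny tcp host 172.19.0.2 host 172.17.0.1 eq 23
access-list 101 deny tcp host 172.19.0.2 host 192.168.0.2 eq 23
access-list 101 permit ip any any""".splitlines()
ACL_1 = ["access-list 1 deny host 172.19.0.2", "access-list 1 permit any"]
# Router2 interface addresses from the page's router configuration.
ROUTER2_ADDRS = ["192.168.0.2", "192.168.2.1", "172.17.0.1", "172.16.0.1"]
ANY = ipaddress.ip_network("0.0.0.0/0")

def _addr(tok):
    """Consume 'any' or 'host A.B.C.D'; return (network, remaining tokens)."""
    if tok[0] == "any":
        return ANY, tok[1:]
    if tok[0] == "host":
        return ipaddress.ip_network(tok[1] + "/32"), tok[2:]
    raise ValueError("only 'any' and 'host' forms are handled here")

def parse_ace(line):
    """Parse one numbered access-list entry (standard or extended)."""
    tok = line.split()
    number, action, rest = int(tok[1]), tok[2], tok[3:]
    if number < 100:                      # 1-99: standard, matches source only
        src, rest = _addr(rest)
        return action, "ip", src, ANY, None
    proto = rest[0]                       # 100-199: extended
    src, rest = _addr(rest[1:])
    dst, rest = _addr(rest)
    port = int(rest[1]) if rest[:1] == ["eq"] else None
    return action, proto, src, dst, port

def evaluate(lines, proto, src, dst, dport=None):
    """Return 'permit' or 'deny' for one packet; the first matching entry wins."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, a_proto, a_src, a_dst, a_port in map(parse_ace, lines):
        if a_proto in ("ip", proto) and s in a_src and d in a_dst \
                and a_port in (None, dport):
            return action
    return "deny"                         # implicit deny at the end of every ACL

def telnet_still_permitted(acl, src, targets):
    """Targets for which TCP/23 from src passes the ACL."""
    return [t for t in targets if evaluate(acl, "tcp", src, t, 23) == "permit"]

if __name__ == "__main__":
    print(telnet_still_permitted(ACL_101, "172.19.0.2", ROUTER2_ADDRS))
    print(evaluate(ACL_1, "ip", "172.19.0.2", "172.20.0.10"))
```

ACL 101 names three of Router2's four interface addresses, so Telnet from 172.19.0.2 to 172.16.0.1 still matches the final permit; a vty `access-class` on Router2 filters by source regardless of which address is targeted.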

VOIP
Voice over IP (voice over Internet Protocol, VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet.

Protocols in Voip
DHCP
CALL MANAGER EXPRESS
PHONE DIRECTORY
DIAL PEER CONFIGURATION

DHCP Config. In VoIP


Router1
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.21.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.21.0.1
Router(dhcp-config)#option 150 ip 172.21.0.1
Router(dhcp-config)#exit
Router2
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.16.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.16.0.1
Router(dhcp-config)#option 150 ip 172.16.0.1
Router(dhcp-config)#exit
Router3
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.18.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.18.0.1
Router(dhcp-config)#option 150 ip 172.18.0.1
Router(dhcp-config)#exit

Call Manager express config.
Router 1
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.21.0.1 port 2000
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit

Router2
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.16.0.1 port 2005
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit
Router3
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.18.0.1 port 2010
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit
Switch0
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit
Switch5
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit
Switch4
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit

Phone Directory config.


Router1
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 1101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 1102
Router(config-ephone-dn)#exit
Router2
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 2101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 2102
Router(config-ephone-dn)#exit
Router 3
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 3101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 3102
Router(config-ephone-dn)#exit

Dial-Peer config.
Router1
Router(config)#dial-peer voice 1 voip
Router(config-dial-peer)#destination-pattern 2...
Router(config-dial-peer)#session target ipv4:192.168.0.2
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 2 voip
Router(config-dial-peer)#destination-pattern 3...
Router(config-dial-peer)#session target ipv4:192.168.1.2
Router(config-dial-peer)#exit

Router2
Router(config)#dial-peer voice 3 voip
Router(config-dial-peer)#destination-pattern 1...
Router(config-dial-peer)#session target ipv4:192.168.0.1
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 5 voip
Router(config-dial-peer)#destination-pattern 3...
Router(config-dial-peer)#session target ipv4:192.168.2.2
Router(config-dial-peer)#exit
Router3
Router(config)#dial-peer voice 4 voip
Router(config-dial-peer)#destination-pattern 1...
Router(config-dial-peer)#session target ipv4:192.168.1.1
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 6 voip
Router(config-dial-peer)#destination-pattern 2...
Router(config-dial-peer)#session target ipv4:192.168.2.1
Router(config-dial-peer)#exit

Dialing phone

Connected phone

Benefits of voip
The call cost is lower, especially over long distances.
The infrastructure costs are lower: once it is available, an IP network infrastructure is all that is required.
This saves bandwidth: data packets containing voice information, encoded in digital form, are routed over the network.
