Wsc2013 Tp39 Pt en Day3

WSC2013_TP39_PT_EN

© WorldSkills International (WSI) reserves all rights in documents developed for or on behalf of WSI, including translation and electronic distribution. This material may be reproduced for non-commercial vocational and educational purposes provided

that the WorldSkills International logo and copyright notice are left in place.

1 of 12

IT Network Systems Administration Test Project – Island 3 – Networking & Unified Communication WSC2013_TP39_PT_EN Submitted by: Name: J. Daniel Medeiros Member Country: Portugal

Test Project proposal for skill 39 WSC2013_TP39_PT_EN

Version: 1.1 Date: 11.03.2013

2 of 12

CONTENTS

This Test Project proposal consists of the following documentation/files: 1. WSC2013_TP39_PT_EN_Day3.doc 2. WSC2013_TP39_PT_EN_Day3H.vsd 3. WSC2013_TP39_PT_EN_Day3B.vsd

INTRODUCTION

1. The Skills Organization has put in charge of developing their VoIP Communication System network according to the following image and the information that follows:

Figure 1 – Headquarters (Router Cisco 1941 is in the Branch Office)


Version: 1.1 Date: 11.03.2013

3 of 12

Figure 2 – Branch Office (Router Cisco 2901 is at Headquarters)


Version: 1.1 Date: 11.03.2013

4 of 12

2. The Skills Organization Headquarters is located in Leipzig and they have a branch office in Essen. At the

Headquarters they pretend a VoIP solution based on Cisco Call Manager Express technology while at the Branch office they would like to have an Asterisk based solution. Obviously both systems should be integrated, allowing calls to each other; besides that, and considering that Cisco CME does not provide voicemail, they would like to use the Asterisk system as voicemail for the CME clients.

3. For the purpose of this exercise, both sites are connected through a fast Internet link, with Headquarters having a fixed IP and the Branch office having a dynamic IP.

4. Both sites have a WiFi network. IMPORTANT NOTE: There is only one AP; however it will broadcast several WLANs. Depending on which WLAN you connect to, you will be associated with a VLAN that is on the Headquarters office or on the Branch office.

5. VoIP clients for Cisco CME as well as for Asterisk will be the Cisco IP Communicator, XLite for Windows and Zoiper for Linux. Additionally, and exclusively for CME, we will also have a Cisco 7960G phone.

6. Extension numbers at the Headquarters start at 2000 and at the Branch office start at 10000. The voicemail extension is 19999.

7. Table 1 and 2 contain information regarding the Cisco CME clients.

Cisco CME Clients

Client VMs Hosted on PC1

IP Gateway Vlan Vlan Name Network Ext VoiceMail

Box VoiceMail

Ext

Zoiper HQLUX1 DHCP 172.16.0.1 10 HQResearch 172.16.0.0/16 2001 12001 19999

Cisco IPC HQWIN1 DHCP 172.17.0.1 20 HQMarketing 172.17.0.0/16 2002 12002 19999

X-Lite HQWIN1 DHCP 172.17.0.1 20 HQMarketing 172.17.0.0/16 2003 12003 19999

Cisco IPC HQWIN2 DHCP 172.18.0.1 30 HQSales 172.18.0.0/16 2004 12004 19999

X-Lite HQWIN2 DHCP 172.18.0.1 30 HQSales 172.18.0.0/16 2005 12005 19999

DHCP Server is the 2901 Router

Table 1

Cisco CME Clients

Client Physical IP Gateway Vlan Vlan Name Network Ext VoiceMail

Box VoiceMail

Ext

Cisco IPC LAPTOP DHCP **Varies** *** Depends on WiFi VLAN *** 2006 12006 19999

X-Lite LAPTOP DHCP **Varies** *** Depends on WiFi VLAN *** 2007 12007 19999

Cisco 7960G DHCP 172.19.0.1 40 HQVoice 172.19.0.0/16 2008 12008 19999


Table 2


Version: 1.1 Date: 11.03.2013

5 of 12

8. Table 3 and 4 contain information regarding the Asterisk clients.

Asterisk Clients

Client VMs Hosted on PC2

IP Gateway Vlan Vlan Name Network Ext VoiceMail

Box VoiceMail

Ext

Zoiper BRLUX1 DHCP 10.16.0.1 100 HQResearch 10.16.0.0/16 10001 10001 19999

Cisco IPC HQWIN1 DHCP 10.17.0.1 200 HQMarketing 10.17.0.0/16 10002 10002 19999

X-Lite HQWIN1 DHCP 10.17.0.1 200 HQMarketing 10.17.0.0/16 10003 10003 19999


Table 3

Cisco CME Cliens

Client Physical IP Gateway Vlan Vlan Name Network Ext VoiceMail

Box VoiceMail

Ext

Cisco IPC LAPTOP DHCP **Varies** *** Depends on WiFi VLAN *** 10004 10004 19999

X-Lite LAPTOP DHCP **Varies** *** Depends on WiFi VLAN *** 10005 10005 19999


Table 4

9. Table 5 contains VLAN mapping information as well as wireless network SSIDs.

Vlan ID Vlan Name Vlan Location Switch SSID Network

10 HQResearch Headquarters hqsw.skills.org HQResearch_XX 172.16.0.0/16

20 HQMarketing Headquarters hqsw.skills.org HQMarketing_XX 172.17.0.0/16

30 HQSales Headquarters hqsw.skills.org HQSales_XX 172.18.0.0/16

40 HQVoice Headquarters hqsw.skills.org HQVoice_XX 172.19.0.0/16

99 HQMngt Headquarters hqsw.skills.org HQMngt_XX 172.20.0.0/16

100 BRResearch Branch brsw.skills.org 10.16.0.0/16

200 BRMarketing Branch brsw.skills.org 10.17.0.0/16

300 BRSales Branch brsw.skills.org 10.18.0.0/16

999 BRMngt Branch brsw.skills.org 10.19.0.0/16

XX = Your two digit competitor number.

Table 5

10. Keep these tables in mind and refer back to them whenever you need while developing the project.

11. Each physical machine will have VMWare Workstation 9 where you will find a basic install for each virtual machine. We expect you to use this basic install as the starting point to your project, but you will also have a folder on the physical machine containing all the necessary images, should you decide to create the VM from scratch.

Laptop is only used at Headquarters.


Version: 1.1 Date: 11.03.2013

6 of 12

12. Please refer to Table 6 in order to find out the correct administrator account and local user account for each computer device.

USER ACCOUNT INFORMATION

NETWORK ADMINISTRATOR PASSWORD LOCAL USER PASSWORD

Headquarters

hqlux1.skills.org root Secret@1 luxadmin Secret@2

hqwin1.skills.org Administrator Secret@1 winadmin Secret@2

hqwin2.skills.org Administrator Secret@1 winadmin Secret@2

Branch

asterisk.skills.org root Secret@1 luxadmin Secret@2

winpc1.skills.org Administrator Secret@1 winadmin Secret@2

brlux1.skills.org root Secret@1 luxadmin Secret@2

Table 6

13. Refer to Table 7 in order to find out the user accounts for each Cisco device.

USER ACCOUNT INFORMATION FOR CISCO DEVICES

NETWORK ADMINISTRATOR PRIVILEDGE PASSWORD LOCAL USER PRIVILEDGE PASSWORD

hqsw.skills.org root 15 Secret@1 cadmin 1 Secret@2

hqrt.skills.org root 15 Secret@1 cadmin 1 Secret@2

brsw.skills.org root 15 Secret@1 cadmin 1 Secret@2

brrt.skills.org root 15 Secret@1 cadmin 1 Secret@2

ap.skills.org root 15 Secret@1 cadmin 1 Secret@2

Table 7

14. IMPORTANT NOTE: If you need a password for a resource that is not in Table 1 nor Table 2, use Secret@3. The only passwords experts will try are Secret@1, Secret@2 and Secret@3 and, due to time limits, we will not recover any passwords, which could result in your work not being graded.


Version: 1.1 Date: 11.03.2013

7 of 12

DESCRIPTION OF PROJECT AND TASKS

1. Make all connections on the Headquarters switch as per Table 8:

Switch: hqsw.skills.org

PORT VLAN ID VLAN NAME HOST NIC GUEST / LINK

1

10 HQResearch

PC1 VMNet1 HQLUX1

2

3

4

5

20 HQMarketing

PC1 VMNet2 HQWIN1

6

7

8

9

30 HQSales

PC1 VMNet3 HQWIN2

10

11

12

13

40 HQVoice

Cisco 7960G

14

15

16

17

99 HQMngt

18

19

20

21

22

23 Link to the Cisco AP 1242

24 Trunk Link for all Vlans HQRT G0/0

Table 8

2. Configure the Headquarter switch using the information already provided. 1. Configure the console and vty lines 0 through 4 for login with local authentication.

2. Protect the privilege executive mode with a secret.

3. Configure the switch with the second lowest IP address in the HQMngt VLAN. Restrict local and

remote network access to the SSH protocol.

4. Configure QOS on the switch and switch interfaces by creating the necessary configurations,

eventually class maps and policy maps, to trust the QOS value coming from the Cisco 7960G


Version: 1.1 Date: 11.03.2013

8 of 12

phone and the DSCP value coming from the Cisco IP Communicator.

3. Make all connections on the Branch switch as per Table 9:

Switch: brsw.skills.org

PORT VLAN ID VLAN NAME HOST NIC GUEST / LINK

1

100 BRResearch

PC1 VMNet1 ASTERISK

2

3

4

5

200 BRMarketing

PC1 VMNet2 HQWIN1

6

7

8

9

300 BRSales

PC1 VMNet3 BRLUX1

10

11

12

13

999 BRMngt

14

15

16

17

18

19

20

21

22

23

24 Trunk Link for all Vlans BRRT G0/0

Table 9

4. Configure the Branch switch using the information already provided. 1. Configure the console and vty lines 0 through 4 for login with local authentication.


3. Configure the switch with the second lowest IP address in the BRMngt VLAN. Restrict local and

remote network access to the SSH protocol.

4. Configure QOS on the switch and switch interfaces by creating the necessary configurations, eventually class maps and policy maps, to trust the QOS value coming from the Cisco 7960G phone and the DSCP value coming from the Cisco IP Communicator.


Version: 1.1 Date: 11.03.2013

9 of 12

5. Configure the Cisco 1941 router which is to be used at the Branch office.

1. Configure the console and vty lines 0 through 4 for login with local authentication.


3. Restrict local and remote access to the SSH protocol.

4. Connect port G0/1 to port G0/1 in the Cisco 2901 router, the Headquarters router. This link will simulate a fast Internet connection. Use network 194.65.3.0/30 for this link.

5. Connect the first Serial interface to the first Serial interface in the Cisco 2901 router, the Headquarters router. This link will simulate a backup Internet connection. Use network 83.2.1.0/30 for this link.

6. Choose two dynamic routing protocols and configure one for the 194.65.3.0/30 link and the other for the 83.2.1.0/30 link, along with the other networks. Do this in such a manner that the only time the Serial link will be used is if the Gigabit link fails.

7. Configure the router as a DHCP server as detailed in the tables presented above.

8. Configure QOS on the router and configure interface G0/0 as connected to a trusted switch so that it trusts VoIP QoS labels of incoming packets.

6. Configure the Cisco 2921 router which is to be used at Headquarters.

1. Configure the console and vty lines 0 through 4 for login with local authentication.


3. Restrict local and remote access to the SSH protocol.

4. Connect port G0/1 to port G0/1 in the Cisco 1941 router, the Branch router. This link will simulate a fast Internet connection. Use network 194.65.3.0/30 for this link.

5. Connect the first Serial interface to the first Serial interface in the Cisco 1941 router, the Headquarters router. This link will simulate a backup Internet connection. Use network 83.2.1.0/30 for this link.

6. Choose two dynamic routing protocols and configure one for the 194.65.3.0/30 link and the other for the 83.2.1.0/30 link, along with the other networks. Do this in such a manner that the only time the Serial link will be used is if the Gigabit link fails.

7. Configure the router as a DHCP server as detailed in the tables presented above.

8. Configure QOS on the router and configure interface G0/0 as connected to a trusted switch so that it trusts VoIP QoS labels of incoming packets.

9. Configure CME as detailed in the tables presented above, keeping in mind that:

6.9.1. All extensions should reach all extensions;

6.9.2. Whenever a call is not answered, or is rejected, it should go to the voicemail box, regardless if the destination was an Asterisk or a CME extension;

6.9.3. CME clients have to dial 19999 to listen to their voicemail;


Version: 1.1 Date: 11.03.2013

10 of 12

7. Configure the Cisco 1242 AP: 1. Use the information already provided to configure the AP.

2. Configure QoS policies for the wireless network to give priority to wireless phone traffic, applying

voice class of service to traffic from the Cisco IP Communicator and from the Cisco IP phone.

3. Configure the CCK Transmitter, OFDM Transmitter and Client Power to the minimum possible [this

item is not evaluated but we thank you]. Use only the 802.11g radio. Broadcast the SSIDs.

4. Configure the radio channel to Channel 1 Channel 6 Channel 11.

5. The only wireless device allowed to connect to either network is your laptop.

6. Configure and activate WPA2-PSK with AES. Please make up a key of mixed capital letters and

numbers of 8 characters and write it in this box: __________________

7. Confirm that whenever you connect to a specific SSID you are connected to the respective VLAN.

8. On the HQLUX1 virtual machine:

1. Install the Zoiper VoIP client.

2. Place and receive call to and from Headquarters and Branch office.

9. On the HQWIN1 virtual machine: 1. Install the X-Lite VoIP client.

2. Install Cisco IP Communicator.

3. Place and receive call to and from Headquarters and Branch office from both clients.

10. On the HQWIN2 virtual machine: 1. Install the X-Lite VoIP client.



11. On the BRWIN1 virtual machine: 1. Install the X-Lite VoIP client.



12. On the BRLUX1 virtual machine:


Version: 1.1 Date: 11.03.2013

11 of 12

1. Install the Zoiper VoIP client.

2. Place and receive call to and from Headquarters and Branch office.

13. The LAPTOP is used to test association with the various WLANs and respective VLANs as well as a VoIP client. Rather than using a virtual machine you may use the physical laptop to: 1. Install the X-Lite VoIP client.



14. Confirm connectivity 1. Confirm that you have complete connectivity, that any phone can call all other phone, that voice

mail is working as well as the WiFi network.

CONGRATULATIONS – YOU MADE IT TO THE END

Before you go, keep in mind the instruction you have received on the daily briefing regarding the state in which you should leave your physical and virtual machines, as well as the infrastructure equipment.


Version: 1.1 Date: 11.03.2013

12 of 12

INSTRUCTIONS TO THE COMPETITOR

None.

EQUIPMENT, MACHINERY, INSTALLATIONS AND MATERIALS REQUIRED

None.

MARKING SCHEME

To be supplied if Test Project is selected.

OTHER

None.

Wsc2013 Tp39 Pt en Day3

Documents

Transcript of Wsc2013 Tp39 Pt en Day3