Solved: Re: Cisco Packet Tracer - configuration check, I gave SS configuration - Page 2

kapustamarianna · ‎05-18-2023

   Here Router - Each house has such a router, the IP differs

LAN HOUSE 1 - 192.168.3.1 HOUSE 2 - 192.168.4.1
 Internet DOM 1 - 192.168.10.10 192.168.10.11 DNS like Server, DOM 2 - 192.168.11.10 192.168.11.11 DNS like Server.

The first are photos of the server configuration:

FireWall - 1/3 is the connection to the DOM router 1, 1/2 is the connection to the Server Room Switch, 1/1 is the connection to the Modem

Door and reader - IP is in the same range

IoT devices connected directly to the switch, this is how each configuration looks like

Urządzenia IoT podlaczone bezposrednio z switchem.png

IoT devices connected via Wifi - this is how everyone's configuration looks like

I would like to know if I am doing this correctly, or I would like to ask for advice if I am doing something wrong.

Flavio Miranda · ‎05-19-2023

Hi

I saw the networks. I added the routes on the firewall for you, see attached. I am able to ping from every PC to the server.

I believe this is not a requirement, but, if ping means everything else is right like IP addressing and interface configuration

Looking the critical erros:

- No DHCP configured. This is easy to check. As long as the devices got an IP address you are OK with that.

-Incorrect port addressing - As long as all PC are pinging the server, you are OK

-no DNS configured. It is ok and you can prove it. Go to a PC in the command line and type. I added a .com on the name but it is not required.

C:\>nslookup wasne.com

Server: [192.168.1.2]

Address: 192.168.1.2

Non-authoritative answer:

Name: wasne.com

Address: 192.168.1.2

C:\>

C:\>nslookup google.com

Server: [192.168.1.2]

Address: 192.168.1.2

Non-authoritative answer:

Name: google.com

Address: 8.8.8.8

kapustamarianna · ‎05-19-2023

I have uploaded a zip file named Work in the last post. I wanted to know your opinion about my 4 projects, are they well done. We may have misunderstood each other, could you take a look at them? Unless you've already done that and expressed your general opinion of them. I am posting this file

Flavio Miranda · ‎05-19-2023

Yeah, I looked at all of them and made the change only on the Neighborhood network file. But I went through the others and they are fine, considering your requirements.

kapustamarianna · ‎05-19-2023

I have another question regarding security. Devices such as detectors, alarms, etc. is better to connect via cable because it's safer than via wifi because someone can break in easier, right? Is LoT better to assign the IP yourself or maybe leave it to DHCP? Question about the router from the library, where is the best place to put it, In the room with computers, the librarian's room?

Flavio Miranda · ‎05-19-2023

evices such as detectors, alarms, etc. is better to connect via cable because it's safer than via wifi because someone can break in easier, right?

Not necessarily. Wireless can be as secure as cabling, it depends on how to implement. For small device like IoT, most of time wireless is the only option to connect.

Is LoT better to assign the IP yourself or maybe leave it to DHCP?

It depends also. You better have IP assigned if you need to access the device. You need to know the IP to access, right? So, it is easier to keep an static IP address and document it somewhere. If you dont need to access the device, DHCP is better because you dont need to setup device by device.

Question about the router from the library, where is the best place to put it, In the room with computers, the librarian's room?

As this is a wireless router the place to be installed needs to consider the devices who will used it. The closer to the devices better.

Flavio Miranda · ‎05-19-2023

Library pinging

kapustamarianna · ‎05-19-2023

Last projects

Flavio Miranda · ‎05-19-2023

The problem I see is the same. The firewall is not properly configured. You need to enter on the interface and use the command nameif <something>

And add route. Use the files I sent as examples. You firewall is the center of you network, if you dont configure it properly, the network wont work.

kapustamarianna · ‎05-19-2023

(limit sended message)

It worked in the store, now I'm trying to do it in the dorm. It takes time to digest, so it didn't work for me.

kapustamarianna · ‎05-19-2023

It has already worked even in the dorm, you will look at the appearance of the dorm. Is it a good idea to set up access points in this way, and is it a good idea to set them on one channel and SSID to cover the entire campus?

Flavio Miranda · ‎05-20-2023

No, it is not. Each AP must be in a different channel. As those Access points only supports 2.4 Ghz, you can use channel 1,6 and 11.

You can repeat channels but only if you have no alternative.

kapustamarianna · ‎05-20-2023

And what do you think about whether it could somehow be done better so that there are fewer switches and it looks neater? can some devices connect differently for security reasons?

Flavio Miranda · ‎05-20-2023

You dont need 2 switch on the Red rectangle or you connect both to the Firewall instead. A switch has 24 or 48 ports each and it is ok use most of them. You can save by puting more device on the switch but you will also create a bigger failure point. So, in real world it depends how much money you are willing to expend.

kapustamarianna · ‎05-20-2023

Could you tell me which server services to keep and which to disable and why?

Flavio Miranda · ‎05-20-2023

It depends. For which purpose did you install the server? If you install for FTP purpose, keep only FTP enabled

But, you can also use the server for more than one purpose. It can be at the same time a FTP server and a DHCP server.