Tasks
For security reason, your company wants to restrict access to Sw3 & Sw4 which are located in a public room. In order to control these switches, users must be authenticated first. Authentication is to be done via a Radius server which will be implemented in the near future.
Please type configuration commands here:
1. First enable this feature:
Sw3,4(config)#
(1)
2. The RADIUS server is located at 10.6.4.1 and the key "digitaltut"
Sw3,4(config)#
(2)
3. Any connections (via Telnet, Console, AUX...) to the switch must be authenticated via RADIUS server first. If the RADIUS server fails, use local database on switch for authentication
Sw3,4(config)#
(3)
4. Configure local username as "localuser" and password "localpass". This password must be encrypted via MD5
Sw3,4(config)#
(4)
II. Your company wants to monitor SW2 so you are required to configure SNMP & Syslog on SW2:
+ Configure SNMP:
5. There are two communities should be defined: one "publickey" with read only access and another "secret$admin" with read-write access
Sw2(config)#
(5)
Sw2(config)#
(6)
6. All traps should be sent to the SNMP server 192.168.12.22 using the read-only community string
Sw2(config)#
(7)
+ Configure Syslog:
7. All log messages on SW2 should be sent to a syslog server at 10.6.4.200
Sw2(config)#
(8)
8. Increase the internal buffers to 10,000 bytes so that more log messages can be stored on the device
Sw2(config)#
(9)
9. Only "Error" or more important syslog messages should be sent out
Sw2(config)#
(10)
III. Any traffic from interface fa0/3 of Sw2 must be replicated to a traffic analyzer connected to SW4 Fa0/5 via VLAN 40 10. Configure VLAN 40 (on both switches)
Sw2,4(config)#
(11)
Sw2,4(config-vlan)#
(12)
11. Configure on Switch2
Sw2(config)#
(13)
Sw2(config)#
(14)
12. Configure on Switch4
Sw2(config)#
(15)
Sw2(config)#
(16)
Submit
Result: