Scribd
Upload
93 views10 pages

Final Hands-On Project

The document provides instructions for configuring port settings, networking, security, and system management settings on a router. Key steps include changing the hostname and IP address under "Port Settings", configuring DMZ and UPnP settings under "Networking", enabling the firewall and SIP ALG under "Security", and adjusting password rules, SNMP settings, time settings, and remote management settings under "System Management". Photographs show the interfaces for making changes to these various settings on the router.

Uploaded by

api-546865403
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
93 views10 pages

Final Hands-On Project

The document provides instructions for configuring port settings, networking, security, and system management settings on a router. Key steps include changing the hostname and IP address under "Port Settings", configuring DMZ and UPnP settings under "Networking", enabling the firewall and SIP ALG under "Security", and adjusting password rules, SNMP settings, time settings, and remote management settings under "System Management". Photographs show the interfaces for making changes to these various settings on the router.

Uploaded by

api-546865403
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 10

Final Hands-on Project

David Blair

Intro to Network Engineering

Table of Contents:

Summary: Page 2

Port Settings: Pages 2-5

Networking: Page 6

Security: Pages 7-8

System Management: Pages 8-10


Port Settings:

When setting up a router, port settings must be set up first. The connection to the router

and what you want to do with the router for the rest of the settings will reflect on what you put

here. We will be looking at changing the hostname, IP address, VLAN, enabling DCHP, setting

up the DNS, setting up the reverse addresses, and setting up other wireless features. The first

step to configuring the router is to go into “Status” and then “Dashboard”. From there the

hostname was changed to LAN0. From here we can also change the IP address, as shown

below. The new address is 172.16.137.1/24

Under “Networking” and “LAN” will be Vlan Membership. Here I added VLAN=44.

DHCP is enabled, you can find this option under “Networking” and “IPv6 LAN”.
The DNS has been split into two, the primary DNS server 202.201.37.16 and the

secondary DNS server. 202.201.37.225. You can find this under “Networking” and

“LAN” as IPv4 Lan (Local Network).

For the reserve addresses, under DHCP they can be entered into the table.

DC01=172.16.15.201, MAC D0-17-C2-89-A3-67

Syslog= 172.16.15.202, MAC D0-21-C2-89-A3-69

DB01=172.16.15.203, MAC D0-17-D2-89-A3-44

EXCH01=172.16.15.204, MAC F0-17-C2-89-C3-56

RADIUS=172.16.15.205, MAC D0-37-D2-79-D3-55


For the wireless section, under “Wireless” and “Basic Settings” you can edit the

security mode. From here, the Security mode is WPA2 Enterprise, and the encryption

is AES. SSID hasn’t been changed on this example picture, but it is PROWIFI. This

version of the program doesn’t show the allow remote management option.

For the RADIUS server, you can find it under “Security”. Below are pictures of the

new addresses, 172.16.15.138 and 172.16.15.156 on port 1812.


3G is left at the default settings. (Can’t find it on any of the manuals either.) But now that

these changes have been made, we can move onto the next section.

Networking:

For the networking section, this is going to be very brief. We are going to be changing

the DMZ settings, and the UPnP settings. To begin, underneath the section labeled

“firewall” you will find a section named DMZ Host. From here you will get the option to

enable the DMZ, disable it, and enter the IP of the host.
Next, found underneath “Administration” and “Discovery Settings” is Discovery - UPnP.

Here UPnP can be disabled.

Security:

The most important part about setting up your router properly is the security features.

The main thing to configure here is the firewall, but we will also have SIP ALG enabled.

Firewall is enabled by default, and you can find the settings unsurprisingly under

“Firewall.” The product is already set up for attack prevention.


Under “Firewall”, “Advanced Settings”, SIP ALG or Application level gateway is already

enabled, but can be disabled.

Can’t find H.323 or RTSP on this version of the product. Only can find RTSP:TCP or

UDOP under services in access rules.

System Management:
In order to manage the system, the first thing to do is change the password

complexity. It needs to have a length of at least 12, with 4 classes, and aging time of 90

days. To change the password length, go to password rules under administration, and

enable password rules enforcement. Enter as below.

Next step is to add an aging time of 90 days. In administration, click on management

interface, and the settings to change the normal aging can be found under “User

Accounts”.

In order to change the time settings, head to the “time settings” tab under

administration. From there you will see an option by the name of “clock source”. Choose

to use NTP server, and enter the information as below.


For SNMP, you can find where you need to go to edit it underneath “Administration”

and then “Network Management”, and then “SNMP System Information”. As shown

below, the SysContact and Syslocation have been changed.

In the image above, the authentification password has been changed and the method is

SHA. This field can be found under “SNMP” alongside SNMP System Information. Here

we can also add the trap receiver host “172.16.137.202” in the trap table.
Underneath “Administration” and “Web Acess” you can change the settings for remote

management. In the image, you can see that HTTPS has been enabled, and the port is

443.

You might also like