DEPARTMENT OF INFORMATION TECHNOLOGY 
ICT50220 Diploma of Information Technology 

Assessment

ICTNWK562 Configure Internet Gateways
    
Assessment Task 4    
2022

Course: ICT50220 Diploma of Information Technology
Unit of competency: ICTNWK562 Configure Internet Gateways

Prepared by: Curriculum Unit, Melbourne Polytechnic
Document creation date: Nov. 2022
Document review date: Nov. 2022
Version: 1.0

© Melbourne Polytechnic 2022
National Provider no. 3075


Acknowledgments
ICT - Information and Communications Technology Training Package . National training packages attributed as ‘© Commonwealth of Australia 2013’ 
and Victorian Registration & Qualifications Authority (VRQA) training packages are attributed as ‘© State of Victoria (Department of Education and Training) 2018’. Training packages are copied and communicated under Creative Commons Attribution-Non Derivative 3.0 Australia  (CC BY-ND 3.0 AUS) license. 
For information regarding material in this document, contact:

Melbourne Polytechnic


Assessment Task 4: Project
Course code and name    ICT50120 Diploma of Information Technology
Unit code and name    ICTNWK562 Configure Internet Gateways
Due date    ….. / ….. / …… (See on Moodle)
Resources required    Ruijie Network Device Simulator RGOSV1.0 To Examination
VMware Workstation Pro
SecureCRT
Speed Test Manager
Acunetix
RG Network Equipment Technical Documentations 
Access to computer and internet 
Decision making rules    To achieve an overall satisfactory result for this assessment task:
All questions must be answered satisfactorily
Learners must achieve a satisfactory result for each item in the Assessment Checklist.
Learner Instructions     This is a scenario based lab project assessment composed of practical tasks and written questions. There are 4 parts to this task: 
Part 1: Identify client requirements and network equipment
Part 2: Security Features and Security Plan
Part 3: Install and Configure a Gateway
Part 4: Configure and Test Nodes
For this task you will:
Complete it individually.
Write answers to all questions 
Complete it in class at a time determined by your assessor. 
Have time to read and review the assessment task in class. 
You must submit your assessment electronically via Moodle and use the following naming convention: “Student ID_Student Name_ Assessment Task 4: Lab Project - Configure an internet gateway”
Example: 
“s123456_Sathish_ Assessment Task 4: Configure an internet gateway.pkt”
“s123456_Sathish_ Assessment Task 4: Configure an internet gateway.docx”
You must agree (by clicking on the ‘I confirm radio button) with the assessment submission terms and conditions in Melbourne Polytechnic Moodle prior to the submission

Scenario
ABC is a start-up consulting company that has two departments in different floors. Each of the department has 20 employees. In order to conduct business well, an internal web server is needed to provide services to the employees and customers. It is required that all the employees can have access to the internet in the company. The bandwidth of the company's internal LAN is required to reach 1Gbps and the bandwidth of the internet is required to reach 10Mbps. 
Your Role
You work as a network engineer for ABC company and you have been given the task to design and build a safe, reliable, scalable and efficient network for the company.

Part 1– Prepare to configure internet gateways
Step 1: Confirm work brief and tasks according to organisational policies and procedures.
1    What is your work brief and tasks according to the above scenario with reference to ABC Company’s Network Engineering Project Management Policies and Procedures?  [40-60 words]
    Answer    Satisfactory    Unsatisfactory
    work brief and tasks [40-60 words]        

2    How will you conduct your work and tasks? Describe the work procedures. [40-60 words]
    Answer    Satisfactory    Unsatisfactory
    work procedures[40-60 words]        

You need to identify the client's requirements and fill in the following section according to the above scenario and confirm that with your ABC manager. The key points to be confirmed are as follows:
Advanced network structure is adopted to meet the needs of information transmission, storage and processing.
Appropriate security measures are taken for the network.
Proper network topology is planned and adopted.
Network interconnection testing requirements should be satisfied.
Other requirements should be considered and confirmed.
Validation Checklist
Project    Network Design and Implementation for ABC Company
Network Topology Type    
Security Measures    
Network Topology Planning    
Any Other Requirements    
Start Date    
Due Date    
Project Manager    
ABC Manger (signature)    

Step 2: Assess system architecture according to work brief.
3    Assess the system architecture that you’ve confirmed with your client  from the aspects of network security, speed and functions.  [45-90 words]
    Answer    Satisfactory    Unsatisfactory
1    Network security [15-30 words]        
    Answer    Satisfactory    Unsatisfactory
2    Network speed [15-30 words]    □    □

    Answer    Satisfactory    Unsatisfactory
3    Network functions [15-30 words]    □    □


Step 3: Select and source required configuration hardware, software and tools.
The hardware and software components that are required for building ABC network are listed as following:
Hardware Components
Equipment    Type    Quantity
Router     RG-RSR20-X SERIES    1
Switch (Layer 3)    RG-S5750-28GT4XS-H    1
Switch (Layer 2)    RG-S2910-24GT4XS-E    2
Gateway    RG-EG2000F    1
FIREWALL    RG-WALL 1600-S3100    1
SERVER    UDS-Serv 4000G20    1

Software Components
Name    Version    Quantity
Vmware Workstation Pro    Vmware Workstation Pro 16    1
SecureCRT    SecureCRT.8.5.4    1
Ruijie Network Device Simulator    RGOSV 1.0 To Examination    1
Speed Test Manager    V3.1.0    1
Acunetix    V12    1

You need to install the software components and use Ruijie Network Device Simulator to build a simulated network according to the following topology diagram and indicate the type of each device in the topology, then install the hardware components according to the simulated network. For simplicity, only 5 PCs are required to be connected and configured in the simulated network.


4     Install the software component and build a simulated network according to the above topology and indicate the type of each device in the topology. Paste the screenshot in the following.
    Answer    Satisfactory    Unsatisfactory
    Screenshot of the simulated network with the indication of each device type        

Step 4: Verify equipment specifications and confirm component serviceability.
You need to verify the availability and reliability of the above equipment and provide the following screenshots:
The availability and reliability of the equipment
Euipment    Screenshots of equipment startup    Screenshots of equipment self-checking
Switch (Layer 3)    
    
Switch (Layer 2)    
    
Gateway（R1）    
    
Firewall    
    
Server    

Part 2– Determine security requirements
Step 1: Analyse existing ISP security features.
China Telecom, as one of the biggest ISP in China, provide the internet services for ABC company.  You need to analyse the security features of China Telecom and assess its ability to prevent data interception, data corruption and data falsification.
1    Analyse security features of China Telecom and assess its ability to prevent data interception, data corruption and data falsification. [60–100 words]
    Answer    Satisfactory    Unsatisfactory
1    Security features of China Telecom [30–50 words]        

    Answer    Satisfactory    Unsatisfactory
2    Assess China Telecom’s ability to prevent data interception, data corruption and data  falsification [30–50  words]        

Step 2: Conduct required ISP speed test and identify system vulnerabilities.
2    Using Speed Test Manager and Acunetix to conduct the speed test and system vulnerability scanning for China Telecom. Provide the screenshots of the results.
    Answer    Satisfactory    Unsatisfactory
1    Speed test screenshot        

    Answer    Satisfactory    Unsatisfactory
2    System vulnerability scanning screenshot        

Step 3: Analyse internet gateway options.

3    Analyse the internet gateway options and explain the features of Static Network Address Translation (SNAT), Dynamic Network Address Translation (DNAT) and Port Address Translation (PAT).
    Answer    Satisfactory    Unsatisfactory
1    Static NAT  [30–50  words]        
    Answer    Satisfactory    Unsatisfactory
2    Dynamic NAT [30–50  words]    □    □

    Answer    Satisfactory    Unsatisfactory
3    PAT [30–50  words]    □    □
Step 4: Select required internet gateway option and create security plan according to analysis findings.
4    Which internet gateway options will you select according to your analysis findings.
    Answer    Satisfactory    Unsatisfactory
1     Select required internet gateway options [2–10  words]        


5    Create  a security plan according to analysis findings and have a description. [40–50 words]
    Answer    Satisfactory    Unsatisfactory
1    Security Plan [40–50 words]        

6    Report the potential security problems and attacks to the clients. [40–60 words]
    Answer    Satisfactory    Unsatisfactory
1    Potential Security Problems [20-30 words]        

    Answer    Satisfactory    Unsatisfactory
2    Potential Attacks [20-30 words]        

Part 3 – Install Internet Gateways
Please refer to the attached RG Network Equipment Technical Documentations and complete the gateway installation and configuration.
Step 1: Identify required internet gateway installation method according to security plan and work brief.
The IP address table is as follows. You need to change the following X into your own ID number.
Device    Interface / VLAN    IP Address
PC1_1    G 0/0  VLAN 10    192.168.X.1/24
PC1_2    G 0/1  VLAN 10    192.168.X.2/24
PC1_20    G 0/2  VLAN 10    192.168.X.3/24
PC2_1    G 0/1  VLAN 20    192.168.X+1.1/24
PC2_2    G 0/2  VLAN 20    192.168.X+1.2/24
SERVER    Eth 0    172.16.1.1/24
SWA    VLAN10    192.168.X.254/24
    VLAN 20    192.168.X+1.254/24
    G 0/2    200.200.200.201/30
Gateway(R1)    G 0/1    200.200.200.2/30
    G 0/2    200.200.201.1/30
Firewall    G 0/0    218.122.12.1/24
    G 0/1    200.200.200.1/30
    G 0/2    172.16.1.2/24
Internet(R2)    G 0/0    218.122.12.2/24
        218.122.12.3/24
(Alternate test address)

1    Describe the internet gateway installation method according to security plan and work brief.[30-40]
    Answer    Satisfactory    Unsatisfactory
    Internet gateway installation method [30-40]        

Step 2: Configure internet gateways according to technical guidelines.
2    Configure the firewall to make the server access the Internet through SNAT, and provide a screenshot.
    Answer    Satisfactory    Unsatisfactory
    Screenshot of SNAT on the firewall        

3    Configure the router to make the PCs access the Internet through PAT, and provide a screenshot.
    Answer    Satisfactory    Unsatisfactory
    Screenshot of PAT on the router        


Step 3: Test internet gateway, and rectify and report any network issues.
4    When you were doing the testing, you found that the PC1_1 could not ping the PC2_1  successfully. Please analyze the possible causes (at least 2 points) and make necessary changes for the network. Provide the screenshot of the correct result. [40-60 words]
    Answer    Satisfactory    Unsatisfactory
1    Analyze the Possible Causes [40-60 words]        
    Answer    Satisfactory    Unsatisfactory
2    Screenshot of the Correct Result          
5    During the testing, you found that PC1_1 cannot access Server although the gateway address was configured correctly. Please analyze the possible causes (at least 2 points) and make necessary changes for the network. Provide the screenshot of the correct result. [40-60 words]
    Answer    Satisfactory    Unsatisfactory
1    Analyze the Possible Causes [40-60 words]        

    Answer    Satisfactory    Unsatisfactory
2    Screenshot of the Correct Result         

6    During the testing, you found PC1_1 cannot ping Firewall’s G0/1 successfully. Please analyze the possible causes (at least 2 points) and make necessary changes for the network. Provide the screenshot of the correct result. [40-60 words]
    Answer    Satisfactory    Unsatisfactory
1    Analyze the Possible Causes [40-60 words]        
    Answer    Satisfactory    Unsatisfactory
2    Screenshot of the Correct Result         

Part 4 – Connect nodes to internet gateways
Please refer to the attached RG Network Equipment Technical Documentations and complete the following configuration and testing.
Step 1: Establish prerequisites and confirm gateway connection to network router.
1    Describe the prerequisites that you established.
    Answer    Satisfactory    Unsatisfactory
1    Prerequisites [30-50 words]        

2    Confirm gateway connection to network router and provide the screenshot.
    Answer    Satisfactory    Unsatisfactory
1    screenshot        

Step 2: Assign nodes to logical gateway as required by network architecture.
Provide the screenshots of IP configurations of the gateway, switch (layer 3), Firewall, Server, PC1_1, PC1_2, PC1_20, PC2_1,PC2_2.
3    Provide the screenshots of IP configurations of the following devices.
    Answer    Satisfactory    Unsatisfactory
1.    Gateway         

    Answer    Satisfactory    Unsatisfactory
2.     Switch (Layer 3)         

    Answer    Satisfactory    Unsatisfactory
3    Firewall          
    Answer    Satisfactory    Unsatisfactory
4    Server        
    Answer    Satisfactory    Unsatisfactory
5    PC1_1        

    Answer    Satisfactory    Unsatisfactory
6    PC1_2        
    Answer    Satisfactory    Unsatisfactory
7    PC1_20        

    Answer    Satisfactory    Unsatisfactory
8    PC2_1        

    Answer    Satisfactory    Unsatisfactory
9    PC2_2        

Step 3: Determine connection type and configure firewalls.
Provide screenshots that show the configuration of the firewalls.
4    Provide the screenshots of the completed configuration of the firewall.
    Answer    Satisfactory    Unsatisfactory
    Screenshot of firewall        


Step 4: Test and confirm internet gateway node connection.
Provide the screenshots of the following device connectivity test.
5    Test the connectivity of the following devices using ping command and provide the screenshots.
    Answer    Satisfactory    Unsatisfactory
1.    From PC1_1 to Internet        

    Answer    Satisfactory    Unsatisfactory
2.    From PC1_2 to Internet        

    Answer    Satisfactory    Unsatisfactory
3    From PC1_20 to Internet        

    Answer    Satisfactory    Unsatisfactory
4    From PC2_1 to Internet        

    Answer    Satisfactory    Unsatisfactory
5    From PC2_2 to Internet        
    Answer    Satisfactory    Unsatisfactory
6    From PC1_1 to PC1_2        
    Answer    Satisfactory    Unsatisfactory
7    From PC1_20 to PC2_2        

    Answer    Satisfactory    Unsatisfactory
8    From PC1_1 to Server        
    Answer    Satisfactory    Unsatisfactory
9    From PC2_2 to Server        

    Answer    Satisfactory    Unsatisfactory
10    From R2 (218.122.12.2) to Server        

    Answer    Satisfactory    Unsatisfactory
11    From R2 (218.122.12.3) to Server        

Student Declaration
Please read, tick and sign below

I declare that the attached assessment I have submitted is my own original work and any contributions from and references to other authors are clearly acknowledged and noted. 

This document has been created for the purpose of this assessment only and has not been submitted as another form of assessment at Melbourne Polytechnic or any other tertiary institute. 

I have retained a copy of this work for my reference in the event that this application is lost or damaged.

I give permission for Melbourne Polytechnic to keep, make copies of and communicate my work for the purpose of investigating plagiarism and/or review by internal and external assessors. 

I understand that plagiarism is the act of using another person’s idea or work and presenting it as my own. This is a serious offence and I will accept that penalties will be imposed on me should I breach Melbourne Polytechnic’s plagiarism policy.

Student Signature    X    Date    
Please note that your assignment will not be accepted unless you have:
Completed all sections of the assignment
Acknowledged all sources of other people’s contributions including references and Students’ names for group work assessments
Completed all areas of this Student assignment cover sheet.
Attachment



请加QQ：99515681  邮箱：99515681@qq.com   WX：codinghelp