Вы находитесь на странице: 1из 10

LKS Nasional 2015 IT Network Systems Administration Modul 1

MODUL 1 Integration Island


IT Network Systems Administration

LKS Nasional
Serpong, 7-13 Juni 2015

1/10

2/4

LKS Nasional 2015 IT Network Systems Administration Modul 1

Overview
1

EXAM ............................................................................................................................................... 3
1.1

CONTENTS ............................................................................................................................... 3

1.2

INTRODUCTION ....................................................................................................................... 3

1.3

DESCRIPTION OF PROJECT AND TASKS .................................................................................... 3

1.4

QUICK SPECIFICATIONS ........................................................................................................... 3

1.5

PART 1...................................................................................................................................... 4

Working Tasks Windows Virtual Server........................................................................................... 4


Working tasks Linux Virtual Server .................................................................................................. 5
1.6

PART 2...................................................................................................................................... 6

Working Tasks Network ................................................................................................................... 6


1.7

PART 3...................................................................................................................................... 8

Working Tasks Notebook................................................................................................................. 8


2

APPENDIX......................................................................................................................................... 9
2.1

Specifications ........................................................................................................................... 9

2.1.1

WINDOWS SERVER SPECIFICATIONS ............................................................................... 9

2.1.2

DOMAIN GROUPLIST ....................................................................................................... 9

2.1.3

LINUX SERVER SPECIFICATIONS ....................................................................................... 9

2.1.4

NETWORK SPECIFICATIONS ............................................................................................. 9

2.1.5

NOTEBOOK SPECIFICATIONS ........................................................................................... 9

2.1.6

NETWORK DIAGRAM ..................................................................................................... 10

LKS Nasional 2015 IT Network Systems Administration Modul 1

1. EXAM
1.1 CONTENTS
This Test Project proposal consists of the following document/file:
1. Modul 1 Integration Island.docx

1.2 INTRODUCTION
The competition has a fixed start and finish time. You must decide how to best divide your
time.

1.3 DESCRIPTION OF PROJECT AND TASKS


You work as an IT system integrator for SMBs. The hosting company hostserv want to
provide several hosted services to their customers. Your job is to setup the infrastructure for
hostserv you have already get a list with the major tasks.
hostserv has two hosting offers. First they offer E-Mail hosting for their customers. As
second service they give the customers the possibility to move their workers on the terminal
server and use it as remote workstation.
Youll find additional information as attachment.

1.4 QUICK SPECIFICATIONS


NETWORK

Client
Windows Hostmachine

Windows 7
System Functions:
- VPN Client

Windows 7 Client
System Functions:
- Join Domain
- Map Drive

Internet

Router

Windows Hostmachine
Cisco Router2800 Series
Virtual Windows Server

FE0/1

Switch

TRUNK 802.1Q

FE0/0

Virtual Linux Server

System Functions:
- 802.1Q
- Routing
- NAT
- ACL

Windows Server
2008 R2
Cisco Catalyst 2900 Series
System Functions:
- vlan
- telnet

System Functions:
- VMWare Host

System Functions:
- AD
- DNS

Debian 7 Server
System Functions:
- Mail Server
- RAID
- DHCP
- VPN Server

3/10

4/4

LKS Nasional 2015 IT Network Systems Administration Modul 1

1.5 PART 1
Working Tasks Windows Virtual Server
Note: Please use the default configuration if you are not given the details.

Install and Setup Server with the Windows Server 2008 R2 Operating System with the
settings specified in the appendix
Install the services
o Configure Active Directory
Enable Roaming Profile and store the user profiles at
\\hostsrv1\profiles\username
Create for every user (not administrator account!) a home folder
stored at \\hostsrv1\homes\username and ensure that that is mapped
to Z: at each logon automatically
Create Active Directory Users
Create an OU that is named user
You will find a file called LKS2015-M1_TP1_USERS.csv with names,
roles and units of all workers in desktop computer Host machine;
use this file as a basis for automating the creation of all user
accounts. Be aware that all information, located in the Excel file,
regarding any user must be present on accounts created.
Create departments share folders on \\hostsrv1\workers and
\\hostsrv1\managers and map the respective folder to Y: at logon
depending on the security group (Workers; Managers) the user is in.
Users should not be allowed to access other department share.
(Info? Look at the provided Excel-sheet!)
Set the passwords of all users listed in the CSV file to Jakarta2012.
o

DNS

Create a reverse zone for the inside IP range


Create subdomain www and mail in the zone host.com to IP Address
Linux Server (hostsrv2)
( www.host.com <-----> IP Address hostsrv2 )
( mail.host.com <-----> IP Address hostsrv2 )
Make sure that DNS requests to zone host.com from internet are
answered with host public IPs and those from inside network with
inside IPs.
If you have problems with this configuration, we are doing
functionality check on this, so you can find your own way to solve
this!

LKS Nasional 2015 IT Network Systems Administration Modul 1

Working tasks Linux Virtual Server


Install and Set up server with the Debian 7 operating system with the settings specified
in the appendix. Ensure that all components are correctly installed (Dont install
Graphical User Interface (GUI) such as KDE, GNME, etc)
o use the following partitions layout:
/
8GB
/var
5GB
swap
2GB
Setup RAID 5 over 3 disks with 5GB each. Mount the volume at /home
o In VMware, use bridged networking, custom, map to vmnet1 (top NIC on host)

Install the services


o Postfix
Create users and mailboxes for all users listed in the file
LKS2015-M1_TP1_USERS.csv
Ensure that users have access to the mail server via: web access, POP3
and IMAP.
Web access should be available under
http://mail.host.com/webmail
Mails should be stored in the home partition
o DHCP Server
Range: 172.16.1.130 172.16.1.254
Gateway: 172.16.1.129
DNS: 172.16.1.2
o VPN
install and configure OpenVPN
create the user vpnuser01 with password Serpong2015.
VPN Clients should be able to access all resources on the internal
network.

5/10

6/4

LKS Nasional 2015 IT Network Systems Administration Modul 1

1.6 PART 2
Working Tasks Network
Note: Please use the default configuration if you are not given the details.
o

SWICTH
Access Switch using telnet with IP Address 192.168.1.99 via Port 24 (ensure the port 24
connect to NIC onboard). Telnet password and enable password is Cisco.
Configure port vlan
Port
Vlan
14
Trunk
58
vlan linux (vlan 20)
9 12
vlan win (vlan 10)
13 - 16
vlan services (vlan 30)
17 - 20
vlan client (vlan 100)

Configure vlan 30 with IP Address 172.16.1.126/26


Join switch management into VLAN services
Hostsw1 configuration
o Use port 1 for connection to the router fa0/1
o Use port 5 for Linux server
o Use port 9 for Windows server
o Use port 12 for VLAN services
o Use port 17 for VLAN client

ROUTER
Router configuration:
o Configure Fa0/0 with IP Address 143.25.1.1/25
o Configure Fa0/1 with 802.1Q:
Fa0/1.10 with IP Address 172.16.1.1/27
Fa0/1.20 with IP Address 172.16.1.33/27
Fa0/1.30 with IP Address 172.16.1.65/26
Fa0/1.100 with IP Address 172.16.1.129/25
o Enable DHCP relay for VLAN client
o Enable DHCP server on Fa0/0
Range: 143.25.1.100-143.25.1.254
Apply appropriate DHCP Scope options
Note: You can set up StatiIP Address using to above.
o

NAT/PAT
Configure PAT for internal hosts
Configure static NAT for outside connections:
Static NAT to hostsrv1 from ip-address 143.25.1.2
Static NAT to hostsrv2 from ip-address 143.25.1.34

LKS Nasional 2015 IT Network Systems Administration Modul 1

ACL

Restrict access to Linux Server from outside only to the services: MAIL
(POP, SMTP) HTTP and VPN
Restrict access to Windows Server from outside on to the services:
HTTPS and DNS
Deny all other traffic from outside to all inside networks

7/10

8/4

LKS Nasional 2015 IT Network Systems Administration Modul 1

1.7 PART 3
Working Tasks Notebook
Note: Use the default configuration if you are not given the details.

Install notebook with the Windows 7 Operating system with the settings specified in
the appendix
Connect the notebook to the internet
Configure it as an OpenVPN client
Connect the notebook to the switch vlan client
Join the notebook to the domain
Configure Outlook for send and receive E-mails with Mailuser01 and Mailuser02. The
email address for each user should be from the mail column in the csv file, e.g.
Mailuser01 should be using lukas.steinhauser@host.com and Mailuser02 should be
using thomas.schifano@host.com.

LKS Nasional 2015 IT Network Systems Administration Modul 1

2 APPENDIX

2.1 Specifications
2.1.1

WINDOWS SERVER SPECIFICATIONS

Computer name:

hostsrv1

DNS domain:

host.com

User name:

Administrator

Administrator password:

Serpong2015

IP address:

172.16.1.2

Domain NetBIOS Name:

HOST

Active directory recovery Password:

#Serpong2015

Virtual network card bridged to:

vmnet0 (On-board NIC)

2.1.2

DOMAIN GROUPLIST

Groupname:

Members:

MailUsers

All users with name beginning with MailUsers

Workers

mailuser11-19

Managers

mailuser1-10

2.1.3

LINUX SERVER SPECIFICATIONS

Computer name:

hostsrv2

Root password:

Serpong2015

Default User name:

competitor

Default User password:

Serpong2015

Domain name:

host.com

IP address:

172.16.1.34

Virtual network card bridged to:

vmnet1 (LAN Card)

2.1.4

NETWORK SPECIFICATIONS

VLAN win (ID: 10)

172.16.1.0/27

VLAN linux (ID: 20)

172.16.1.32/27

VLAN services (ID: 30)

172.16.1.64/26

VLAN client (ID: 100)

172.16.1.128/25

Internet

143.25.1.0/24

2.1.5

NOTEBOOK SPECIFICATIONS

Organization:

Hostsrv

Computer name:

notebook01

Domain:

host.com

User name:

Competitor

Password:

Serpong2015

IP address

dhcp

9/10

10/4

LKS Nasional 2015 IT Network Systems Administration Modul 1

NETWORK DIAGRAM

NETWORK

Client
Windows Hostmachine

Windows 7
System Functions:
- VPN Client

Windows 7 Client
System Functions:
- Join Domain
- Map Drive

Internet

Router

Windows Hostmachine
Cisco Router2800 Series
Virtual Windows Server

FE0/0

FE0/1

Switch

TRUNK 802.1Q

2.1.6

Virtual Linux Server

System Functions:
- 802.1Q
- Routing
- NAT
- ACL

Windows Server
2008 R2
Cisco Catalyst 2900 Series
System Functions:
- vlan
- telnet

System Functions:
- VMWare Host

System Functions:
- AD
- DNS

Debian 7 Server
System Functions:
- Mail Server
- RAID
- DHCP
- VPN Server