
Lab Configuring the PIX Firewall as a DHCP Server


Academic year: 2021


Lab 8.5.3 Configuring the PIX Firewall as a DHCP Server

Estimated Time: 15 minutes

Number of Team Members: Two teams with four students per team.

Objective

In this lab, students will complete the following objectives:

• Define a DHCP address pool
• Define a DHCP domain name
• Verify DHCP settings on a PIX Firewall
• Verify DHCP on a PC

Scenario

Dynamic Host Configuration Protocol (DHCP) is a method of automatically assigning a TCP/IP address from a pool of addresses to a requesting client. DHCP eliminates the need to manually assign static IP addresses. Implementing DHCP client and server features in the PIX significantly eases deployment into cable and digital subscriber line (DSL) broadband environments, where static IP addresses can be costly and cumbersome to maintain.

A PIX Firewall can provide DHCP services for hosts located on the trusted network, allowing it to automatically assign IP addresses to machines that are configured for dynamic addressing. A DHCP server is simply a computer that provides configuration parameters to a DHCP client. A DHCP client is a computer or network device that uses DHCP to obtain network configuration parameters.


Topology

This figure illustrates the lab network environment.

Preparation

Verify the standard PIX configuration on the pod firewall and test the connectivity. Access the PIX console port using the terminal emulator on the student PC. If desired, save the configuration to a text file for later analysis. Refer back to the Student Lab Orientation if more help is needed.

Tools and Resources

In order to complete the lab, the standard lab topology is required:

• Two pod PIX Firewalls
• Two student PCs
• One SuperServer
• Backbone switch and one backbone router
• Two console cables and HyperTerminal

Additional materials

Further information about the objectives covered in this lab can be found at,


Command list

In this lab exercise, the following commands will be used. Refer to this list if assistance or help is needed during the lab exercise.

Command: dhcpd address ip1[-ip2] [if_name]
Description: This command defines the IP pool address range. The size of the pool is limited to 32 addresses with a 10-user license and 128 addresses with a 50-user license on the PIX 501. All other PIX Firewall platforms support 256 addresses.

Command: dhcpd domain domain_name
Description: This command defines the DNS domain name. For example, example.com.

Command: dhcpd lease lease_length
Description: This command defines the length of the lease, in seconds, granted to the DHCP client by the DHCP server. The lease indicates how long the client can use the assigned IP address. The default is 3600 seconds. The minimum lease length is 300 seconds, and the maximum lease length is 2,147,483,647 seconds.

Command: show dhcpd [binding|statistics]
Description: Displays the binding and statistics information associated with the dhcpd commands.

Step 1 Verify the PIX Firewall Inside IP Address

Complete the following steps to verify the PIX Firewall inside IP address:

a. Display the currently configured IP addresses:

PixP(config)# show ip address

b. Ensure that the IP address on the inside interface is 10.0.P.1. (where P = pod number)

c. Establish a connection to the web server at 172.26.26.50 by completing the following substeps:

d. Open a web browser on the student PC.

e. Use the web browser to access the web server by entering http://172.26.26.50.

Step 2 Configure the PIX Firewall DHCP Server Feature

Complete the following steps to configure the PIX Firewall DHCP server feature:

a. In order to configure the PIX as a DHCP server, the inside interface is required to be configured with an IP address. This IP address is required to be on the same subnet as the pool of dynamically assigned DHCP addresses. To configure the DHCP address pool use the dhcpd address command in the Global Configuration mode. The PIX Firewall will assign the client one of the addresses from this pool to use for a given length of time. The default is the inside


b. Specify the IP address of the Domain Name System (DNS) server the client will use:

PixP(config)# dhcpd dns 10.0.P.75

(where P = pod number)

1. What is the maximum number of DNS servers that can be entered?

_____________________________________________________________________________

c. Specify the IP address of the WINS server the client will use:

PixP(config)# dhcpd wins 10.0.P.76

(where P = pod number)

d. Specify the lease length to be granted to the client. This lease equals the amount of time in seconds the client can use its allocated IP address before the lease expires. To configure the DHCP lease length use the dhcpd lease (lease length) command. The default value is 3600 seconds.

e. Specify the lease length to grant the client as 3000:

PixP(config)# dhcpd lease 3000

f. Configure the domain name the client will use:

PixP(config)# dhcpd domain cisco.com

g. Enable the DHCP daemon within the PIX Firewall to listen for DHCP client requests on the enabled interface:

PixP(config)# dhcpd enable inside

h. Display the DHCP configuration and binding:

PixP(config)# show dhcpd

dhcpd address 10.0.P.51-10.0.P.60 inside
dhcpd dns 10.0.P.75
dhcpd wins 10.0.P.76
dhcpd lease 3000
dhcpd ping_timeout 750
dhcpd domain cisco.com
dhcpd enable inside

(where P = pod number)

i. Save the DHCP configuration:

PixP(config)# write memory

Step 3 Test the PIX Firewall DHCP Server Feature

Complete the following steps to test the PIX Firewall DHCP server feature:

a. Reconfigure the student PC to obtain IP and DNS addresses from a DHCP server.

b. Open a Windows 2000 command prompt, and release and renew the IP address:


c. Verify that the PIX Firewall assigned an IP address, subnet mask, DNS address, WINS address, and domain name to the student PC by opening a Windows 2000 command prompt and viewing the IP configuration:

C:\> ipconfig /all

2. Fill in the information below:

Connection-specific DNS suffix
IP Address
Subnet Mask
Default Gateway

If you are not using Windows 2000, please ask your instructor for the commands and instructions to check the DHCP configurations.

d. Establish a connection to the web server at 172.26.26.50 by completing the following substeps:

e. From the Student PC, ping 172.26.26.50.

f. Open a web browser and access the web server by entering http://172.26.26.50.

Step 4 Disable the DHCP on the Student PC

Complete the following steps to reset the student PC:

a. Disable DHCP on the student PC. Manually enter the following parameters:

• IP Address - 10.0.P.11 (where P = pod number)
• Subnet Mask - 255.255.255.0
• Default Gateway - 10.0.P.1 (where P = pod number)

b. Restart the computer.

c. Log back into the computer.

d. At a command prompt, verify that the configuration supplied by the PIX Firewall DHCP server has been removed, and that the following IP configuration exists on the student PC:


Step 5 Disable the PIX Firewall DHCP Server Feature

Complete the following steps to disable the PIX Firewall DHCP server feature:

a. Clear all dhcpd commands, binding, and statistics information:

PixP(config)# clear dhcpd

b. Verify that the DHCP feature has been disabled:

PixP(config)# show dhcpd
