Professional Documents
Culture Documents
MODUL B
SYSTEM INTEGRATION ISLAND
IT NETWORK SYSTEMS
ADMINISTRATION
LKS2017_ITNSA_MODULB
ISLAND 2 SYSTEM INTEGRATION ISLAND
CONTENTS
This Test Project proposal consists of the following document/file:
LKSN2017_ITNSA_MODUL2.pdf
INTRODUCTION
The competition has a fixed start and finish time. You must decide how to best divide your
time.
Please carefully read the following instructions!
When the competition time ends, please leave your station in a running state.
Please do not touch the VMware configuration as well as the configuration of the VM
itself except the CD-ROM / HDD drives
PHYSICAL MACHINE (HOST)
FOLDER PATHS
Virtual Machines: E:\Virtual Machine
ISO Images: E:\Apps
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
PART I
WORK TASK INSTALLATION (WINSRV1, WINSRV2,
LNXSRV1, LNXSRV2)
Note Please use the default configuration if you are not given details.
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
o GPO Security Policies
At logon on WINCLT2, users should see this message before logging in: Message Title:
Welcome to Indonesiahebat2017 with Message Text Only authorized personnel allowed
to access. and prohibit this message on all servers.
All users, except the IT group, are not allowed to access the display settings on the Control
Panel.
disable "First Sign-in Animation" for all Windows 8.1 clients
disable the use of cmd and run for the Visitor group
o VPN SERVER (RRAS)
setup and configure the VPN service (RRAS)
use the following IP Range for the VPN Clients: 192.168.50.100 192.168.50.150 (provided
by RRAS service)
With a VPN connection the user should be able to access to the shares on WINSRV2
Only users in the sales group should be able to connect to the VPN server
Remote Clients should be able to access the vpn server via the ip address 143.25.100.1
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
WORK TASK SERVER WINSRV1 & WINSRV2
o Install Distributed File System
Create skills as the root DFS Namespace in a Domain-based namespace in 2008 mode.
Create DFS share folders and configure the folder targets as indicated in the following table.
Enable DFS Replication between WINSRV1 and WINSRV2.
DFS Namespace Share Folders Folder Target Local Folder on both Servers Description
\\indonesiahebat.net\skills\rfol \\WINSRV1\rfolders C:\share\rfolders On WINSRV1 Folder
ders \\WINSRV2\rfolders E:\share\rfolders On WINSRV2 Redirection &
home folder
\\indonesiahebat.net\skills\IT \\WINSRV1\IT C:\share\IT On WINSRV1 Departmental
\\WINSRV2\IT E:\share\IT On WINSRV2 Share for IT
\\indonesiahebat.net\skills\Sal \\WINSRV1\Sales C:\share\Sales On WINSRV1 Departmental
es \\WINSRV2\Sales E:\share\Sales On WINSRV2 Share for Sales
\\indonesiahebat.net\skills\Ma \\WINSRV1\Mkt C:\share\Mkt On WINSRV1 Departmental
rketing \\WINSRV2\Mkt E:\share\Mkt On WINSRV2 Share for
Marketing
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
Gateway: 10.99.111.1
DNS: 10.99.112.2
Pool OUTSIDE
Range: 220.17.8.36 220.17.8.40
Netmask: /28
Gateway: 220.17.8.45
DNS: 220.17.8.42
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
PART II
WORK TASK NETWORK CONFIGURATION (RO1, SW1)
Note Please use the default configuration if you are not given details.
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
o Configure button 2 on hqvph1 to call directly to paging extension
o Configure Intercom service with the extension 199
o Access Control List (ACL)
Configure Access List with rule below
- Ensure outside can access to lnxsrv2 and winsrv1 using IP outside of RO1
- Allow access from outside to web server linxsrv1 and winsrv2
- Deny other traffic from outside to inside
o SNMPP
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
PART III
WORK TASK WINDOWS CLIENT (WINCLT1, WINCLT2, IP
PHONE)
Note Please use the default configuration if you are not given details.
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
APPENDIX
SPECIFICATIONS
WINSRV1
Computer name: WINSRV1
Operating System MS Windows 2012 R2
Domain Name: indonesiahebat.net
Administrator User name: Administrator
Administrator password: Jakarta2017
IP address: 10.99.122.2/28
Domain NetBIOS Name: HEBAT
WINSRV2
Computer name: WINSRV2
Operating System MS Windows 2012 R2
Domain Name: smkhebat.org
Administrator User name: Administrator
Administrator password: Jakarta2017
IP address: 10.99.122.3/28
Domain NetBIOS Name: HEBAT
LNXSRV1
Computer name: LNXSRV1
Operating System Linux Debian 7.8
User name: root
Password: Jakarta2017
IP address: 10.99.110.1/26
LNXSRV2
Computer name: LNXSRV2
Operating System Linux Debian 7.8
User name: root
Password: Jakarta2017
IP address: 10.99.110.2/26
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
WINCLT1
Computer name: WINCLT 1
Operating System MS Windows 8.1
User name: Administrator
Password: Jakarta2017
Domain name: Indonesiahebat.net
IP address: DHCP
WINCLT2
Computer name: WINCLT 2
Operating System MS Windows 8.1
User name: Administrator
Password: Jakarta2017
Domain name: indonesiahebat.net
IP address: DHCP
NETWORK SPESIFICATION
VLAN DESC (ID: 30) 10.99.110.0/26
VLAN AOCC (ID: 31) 10.99.111.0/25
VLAN VOICE (ID: 32) 10.99.111.128/25
VLAN CDCC (ID: 33) 10.99.112.0/27
VLAN NATIVE (ID: 99) 10.0.0.0/28
OUTSIDE 220.17.8.0/28
Version: 1.0
LKSN2017_ITNSA
Date: 29.11.2017
NETWORK SPESIFICATION
NETWORK DIAGRAM
MODUL B SYSTEM INTEGRATION & CISCO ISLAND
Name : winsrv1
OS : Windows Server 2012 R2 Name : winsrv2
User: Administrator VMnet1 OS : Windows Server 2012 R2
Password: Skills39 VMnet1 User: Administrator
Domain: skillsbetter.com
IP-Address :
SW1 Password: Skills39
Domain: skillsbetter.com
Name : SW1 IP-Address :
172.20.31.5/28
Password:Skills39 172.29.1.5/28
Service:
VLAN: Service:
- AD
VLAN 10: External :200.132.45.33/25 - AD
- DNS
VLAN 20: Windows: 172.20.31.0/28 - DNS
- PKI (Public Key Infrastructure)
VLAN 30: Linux:172.20.30./29 - Web Server
- GPO
VLAN 40: Branch: 172.29.1.0/28
- DFS winsrv1 Service:
- DFS
- SNMP
- Port Security winsrv2 - SNMP
- VPN Server (RRAS)
- VLAN
- SSH
- SNMP
Name : lnxsrv2
OS : Debian 7.8
User: root Name : winclnt2 (Internal)
Password: Skills39
Domain: skillsbetter.com
VMnet3 OS : Windows 8.1
User: Administrator
IP-Address :
172.20.30.4/29
IP Phone Password: Skills39
Domain: skillsbetter.com
Service: IP-Address :
Ext 1002 DHCP Client
- Web Server (nginx)
- Mail Server Service:
- Web Mail - Join Domain
- Cacti - Softphone
- SNMP lnxsrv2 lnxclnt2