Everything provided below

Objective:

The main objective of this assignment is to make efficient use of VPNs as means of secure connections between different locations of an international company. The student will build the company network and then configure Site-to-Site IPsec VPNs between multiple office locations of a fictitious company called Future Tech Enterprises, verify the VPN tunnels, and ensure secure communication between these sites.

Scenario: Global Tech Enterprises

Future Tech Enterprises is a multinational corporation with headquarters in New York and

branch offices in Abu Dhabi and London. The company needs to ensure secure

communication between its offices over the internet. Each site has its own local network, and

the organization wants to establish secure Site-to-Site IPsec VPN tunnels between these

locations to protect sensitive data during transmission.

Network Overview:

New York Office:

Network: 10.11.1.0/24

Router: NY-R1

External IP: 203.0.113.1

Abu Dhabi Office:

Network: 10.22.2.0/24

Router: AD-R1

External IP: 198.51.100.1

London Office:

Network: 10.33.3.0/24

Router: LDN-R1

External IP: 192.0.2.1

Your task is to configure and verify Site-to-Site IPsec VPNs between these three offices to

ensure that all communication over the public internet is encrypted and secure.

Part 1: Understanding Site-to-Site IPsec VPNs (20 points)

Conduct your own research and explain the following questions (Make sure to add the necessary citations):

• List two advantage and two disadvantages of the use of VPNs to connect different sites of this company
• Define what a Site-to-Site IPsec VPN is and explain its relevance to Future Tech Enterprises.
• Describe the different phases of IPsec (IKE Phase 1 and IKE Phase 2) and how they secure communication between the New York, Abu Dhabi and London offices.
• Discuss the encryption and authentication algorithms that would be appropriate for a multinational corporation like Future Tech Enterprises.
• Compare IPSEC Site-to-Site VPNs with any other alternative. List a scenario where IPSEC remains the preferred choice and another scenario where an alternative might be better suited for Future Tech Enterprises.

Part 2: Configuring the Site-to-Site IPsec VPNs (50 points)

Network Topology Setup (10 points)

Using network simulation software (e.g., Cisco Packet Tracer) design a network topology that

includes the New York, Abu Dhabi, and London offices.

Include network address assignments, routing configurations (static routing), and firewall settings as

necessary.

Provide a diagram of the network topology showing how each office connects to the other two.

After configuring static routing test your routing configuration by pinging between office networks. Include screenshots showing successful pings.

IPsec VPN Configuration (30 points)

Configure the IPsec VPN on the routers at each office (NY-R1, AD-R1, LDN-R1). Ensure the

configurations include:

• ISAKMP Policy
• IPsec Transform Set
• Crypto Map
• Access Control Lists (ACLs) for interesting traffic between the sites
• Applying the Crypto Map to the appropriate interfaces
• Document the configuration commands used on each router, explaining the purpose of each
• command.

Verification (10 points)

Verify that the IPsec VPN tunnels are established successfully between all three offices. Provide

output from relevant verification commands (e.g., show crypto isakmp sa, show crypto ipsec

sa).

Demonstrate secure communication between the offices by pinging between devices on

different networks (e.g., from a device in the New York office to a device in the London office)

and observing encrypted traffic. Make sure to add screenshots in the report

Part 3: Testing and Troubleshooting (20 points)

_Testing the VPN Tunnels _(10 points)

Test the VPN tunnels by initiating traffic that matches the ACLs defined in the configuration,

ensuring that communication between New York, Abu Dhabi, and London is secure.

Provide evidence (screenshots or command outputs) showing successful data transmission over

the VPNs.

Part 4: Reflection and Documentation (10 points)

Write a reflection on what you learned during this assignment. Highlight any challenges you

faced, particularly in managing multiple VPN tunnels, and how you overcame them.

** Add references and also sign the Academic Integrity Disclaimer in the report template.

Submission

Each student must submit 2 files in the given order:

1. Primary file submission: Full report in a single PDF containing answers to all the Parts along with the screenshots wherever applicable. Name the report firstname_lastname_A1.pdf. Use the following to compile your report.
2. Secondary file submission: A packet tracer file. Make sure the user account details under packet tracer file must have username a s your firstname_lastname and email must match your ZU email.

Assignment Information