| Version | Status | Datum | Author | URL |
| 0.1 | Erster Entwurf | 08.08.2019 | Egil Rüefli | |
| 0.2 | Ergänzungen | 08.09.2019 | Richi Stammherr, Tim de Vries, Silvan Dux, Egil Rüefli | |
| 1.0 | Review und Freigabe | 08.09.2020 | Richi Stammherr, Egil Rüefli | |
VLANs der Rafisa Dietikon
zh.rafisa.org - 172.16.0.0/12
| VLAN Name | Kürzel | Funktion | VID | IP-Adresse | FW-Interface-Name | DHCP-Server |
|
| VLAN Management | | | 01 | | | |
| VLAN01 | MGMT | Management | 01 | 172.16.1.0/24 | VLAN01_MGMT | ❌ |
| VLAN Server | | | 10-19 | | | |
| VLAN10 | SRVAUTH | Server Authentifizierung | 10 | 172.16.10.0/24 | VLAN10_SRVAUTH | ❌ |
| VLAN14 | SRVEMPL | Server Ausbildner | 14 | 172.16.14.0/24 | VLAN14_SRVEMPL | ❌ |
| VLAN15 | SRVLEARN | Server Lernende | 15 | 172.16.15.0/24 | VLAN15_SRVLEARN | ❌ |
| VLAN Clients | | | 20-29 | | | |
| VLAN21 | CLEMPL | Clients Ausbildner | 21 | 172.16.21.0/24 | VLAN21_CLEMPL | ✔️ |
| VLAN22 | CLLEARN | Clients Lernende | 22 | 172.16.22.0/24 | VLAN22_CLLEARN | ✔️ |
| VLAN23 | CLGUEST | Clients Guest (WLAN) | 23 | 172.16.23.0/24 | VLAN23_CLGUEST | ✔️ |
| VLAN Drucker | | | 40 | | | |
| VLAN40 | LP | Drucker | 40 | 172.16.40.0/24 | VLAN40_LP | ❌ |
| VLAN Labor | | | 50-59 | | | |
| VLAN51 | LAB01 | Labor 01 | 51 | 172.16.51.0/24 | VLAN51_LAB01 | ✔️ |
| VLAN52 | LAB02 | Labor 02 | 52 | 172.16.52.0/24 | VLAN52_LAB02 | ✔️ |
| VLAN53 | LAB03 | Labor 03 | 53 | 172.16.53.0/24 | VLAN53_LAB03 | ✔️ |
| VLAN54 | LAB04 | Labor 04 | 54 | 172.16.54.0/24 | VLAN54_LAB04 | ✔️ |
| VLAN55 | LAB05 | Labor 05 | 55 | 172.16.55.0/24 | VLAN55_LAB05 | ✔️ |
Berechtigungsmatrix
Die Matrix wird Zeile nach Spalte gelesen (Zugriff von Zeile nach Spalte erlaubt/nicht erlaubt)
| VLAN | 01 | 10 | 14 | 15 | 21 | 22 | 23 | 40 | 51 | 52 | 53 | 54 | 55 | WAN | VPN-EXT |
| 01 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| 10 | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ✔️ |
| 14 | ❌ | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 15 | ❌ | ❌ | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 21 | ❌ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| 22 | ❌ | ✔️ | ❌ | ✔️ | ❌ | ✔️ | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 23 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 40 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 51 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 52 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| 53 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ | ❌ | ✔️ | ❌ |
| 54 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ | ✔️ | ❌ |
| 55 | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ✔️ | ❌ |
| WAN | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ | ❌ |
| VPN-EXT | ❌ | ✔️ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ✔️ |
L3-Netzplan Rafisa Dietikon
| FQDN | IP-Adresse | OS | Services | Service-Team | Service-Owner |
| Server |
| dc-zh-ruga-02.zh.rafisa.org | 172.16.10.22/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| dc-zh-ruga-04.zh.rafisa.org | 172.16.10.24/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| MUSS ERGÄNZT WERDEN |
L3-Soll Zustand Testumgebung
| FQDN | IP-Adresse | OS | Services | Service-Team | Service-Owner |
| Server |
| dc-zh-ruga-02.zh.rafisa.org | 172.16.10.22/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| dc-zh-ruga-04.zh.rafisa.org | 172.16.10.24/24 | Windows Server 2019 | DC/AD, DNS | Server Services | RS |
| MUSS ERGÄNZT WERDEN |