Skip to content

ShivBane/Office-Network

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
OfficeNetwork.pkt
OfficeNetwork.pkt
 
 
Readme.md
Readme.md
 
 

Repository files navigation

SMALL OFFICE NETWORK SETUP AND CONFIGURATION GUIDE

Introduction

This document provides a step-by-step guide for configuring a structured network topology. The setup includes VLAN segmentation, Router-on-a-Stick configuration, DHCP services, and an extended ACL to control traffic between networks.

Network Components

  • Switch 1: Hosts two VLANs:
    • VLAN 10: 172.31.1.0/24
    • VLAN 20: 172.31.2.0/24
  • Two Access Points:
    • SSID: EmployeeWiFi (VLAN 10)
    • SSID: InternWiFi (VLAN 20)
  • Two DHCP Servers: Provide dynamic IP addresses for each VLAN.
  • Router (Router-on-a-Stick): Handles inter-VLAN communication and connects to an external server network (192.168.1.0/24).
  • Server: Connected to the router on a separate interface (192.168.1.0/24).
  • Access Control List (ACL): Restricts VLAN 20 (172.31.2.0/24) from accessing the server network (192.168.1.0/24).

Network Topology

(Insert network diagram here if applicable)

Step-by-Step Configuration

1. Configure VLANs on Switch 1

enable
configure terminal

# Create VLANs
vlan 10
name Employee
vlan 20
name Intern

# Assign VLANs to ports
interface FastEthernet 0/1
switchport mode access
switchport access vlan 10

interface FastEthernet 0/2
switchport mode access
switchport access vlan 20

# Configure trunk link to router
interface GigabitEthernet 0/1
switchport mode trunk
switchport trunk encapsulation allowed vlan 10,20
exit

2. Configure Router-on-a-Stick on the Router

enable
configure terminal

# Enable sub-interfaces for VLANs
interface GigabitEthernet 0/0
no shutdown

interface GigabitEthernet 0/0.10
encapsulation dot1q 10
ip address 172.31.1.254 255.255.255.0

interface GigabitEthernet 0/0.20
encapsulation dot1q 20
ip address 172.31.2.254 255.255.255.0

# Configure external network interface
interface GigabitEthernet 0/1
ip address 192.168.1.254 255.255.255.0
no shutdown
exit

3. Enable Routing on the Router

ip routing

4. Configure DHCP for Each VLAN (Optional)

ip dhcp pool VLAN10
network 172.31.1.0 255.255.255.0
default-router 172.31.1.254
dns-server 0.0.0.0

ip dhcp pool VLAN20
network 172.31.2.0 255.255.255.0
default-router 172.31.2.254
dns-server 0.0.0.0

5. Configure Extended ACL to Restrict VLAN 20 from Server Access

enable
configure terminal

# Create ACL 101 to block VLAN 20 from reaching the server network
ip access-list extended BLOCK_VLAN20_TO_SERVER
deny ip 172.31.2.0 0.0.0.255 192.168.1.0 0.0.0.255
permit ip any any  # Allow all other traffic

# Apply ACL to outbound traffic on GigabitEthernet 0/1
interface GigabitEthernet 0/1
ip access-group BLOCK_VLAN20_TO_SERVER out
exit

Verification Steps

1. Check VLAN Configuration on the Switch

show vlan brief

2. Verify Router Interfaces

show ip interface brief

3. Check Routing Table

show ip route

4. Test Connectivity

✅ Ping between VLANs (should work):

ping 172.31.2.1

✅ Ping from VLAN 10 to Server (should work):

ping 192.168.1.1

❌ Ping from VLAN 20 to Server (should fail):

ping 192.168.1.1

Summary

✅ VLANs configured correctly
✅ Inter-VLAN routing enabled
✅ Router-on-a-Stick setup completed
✅ DHCP services enabled (optional)
✅ ACL applied to block VLAN 20 from reaching the server network

This configuration ensures a structured network setup with security and efficient routing. 🚀

About

This repository provides a step-by-step guide for configuring a structured small office network topology.

medium.com/@shubhambane192/small-office-network-setup-and-configuration-guide-3c3171ab20e7

Topics

networking dhcp access-control cisco-packet-tracer inter-vlan-routing

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published