Company Network Design & Implementation Using Cisco Packet Tracer | Enterprise Network Project #6
Introduction to Enterprise Networking Project 6
Overview of the Video
- The host welcomes viewers and introduces the focus on Enterprise Networking Project 6, referencing previous projects covered in earlier videos.
- Viewers are directed to access prior project links in the video description or through the channel's playlist for comprehensive learning.
- A brief recap of previous projects: Simple Networking Project, Small Office Home Office Network, Hotel Management System, Compass Management System, and Bank Network Design.
Case Study Introduction
- The host explains that case studies are sourced from various clients globally to design and implement networks based on specific requirements.
- The case study involves a trading floor support center with 600 staff needing a new network due to relocation to a building without existing infrastructure.
Network Requirements and Design
Building Layout and User Distribution
- The new building will have three floors with two departments per floor; each department has approximately 120 users.
- Departments include Sales & Marketing, Human Resources & Logistics on the first floor; Finance & Accounts, Administration & Public Relations on the second; ICT Department on the third.
Key Network Design Specifications
- A logical design is required to ensure future-proofing while meeting current business needs. Cisco Packet Tracer will be used for implementation.
- Redundancy is crucial; at least two routers and multilayer switches must be utilized along with connections to two ISPs for reliability.
Technical Implementation Details
VLAN Configuration and IP Addressing
- Each department requires its own VLAN and subnet. Devices should communicate via the configured multilayer switches using inter-VLAN routing.
- All devices will obtain dynamic IP addresses from a dedicated DHCP server located in the server room while static IP addresses are assigned to server room devices.
Security Measures and Protocol Usage
- OSPF will be used as the routing protocol across routers and multilayer switches. SSH configuration is necessary for remote login access.
- Port security measures will restrict device connections in sensitive areas like Finance & Accounts by allowing only one PC per switch port using sticky MAC address methods.
Conclusion of Project Scope
Summary of Project Complexity
- The project encompasses multiple technologies from design through testing communication, emphasizing its importance within enterprise networking contexts.
Network Design Overview
Hierarchical Network Model
- The hierarchical network model consists of three layers: access, distribution (or aggregation), and core.
- In the design, two routers are placed at the core layer, while two multi-layer switches are positioned at the distribution layer.
- Access layer switches connect to various departments; six access layer switches are needed for six departments across three floors.
ISP Connectivity
- The network is designed to connect to at least two Internet Service Providers (ISPs), with each router connecting to both ISPs.
- Two routers will be designated as ISP1 and ISP2 in the design.
Cabling Connections
- Different types of cabling are used: serial connections between routers, straight-through cables from routers to multi-layer switches, and crossover cables from multi-layer switches to access layer switches.
Redundancy Implementation
- Redundancy is built into the topology by ensuring that each access layer switch connects to at least two multi-layer switches and each multi-layer switch connects to at least two routers.
Device Configuration in Departments
- Each department requires a PC, printer, and an access point for wireless connectivity.
- Devices were copied across all departments quickly for efficiency; however, specific configurations were made for server rooms including DHCP servers, email servers, and DNS servers.
Finalizing Network Setup
- All devices have been connected according to the design specifications. The setup includes redundancy measures throughout the network structure.
Network Configuration Overview
Initial Setup and Department Identification
- The speaker lays out the three floors in the network design, indicating a structured approach to configuration.
- Departments are quickly identified alongside their respective floors, including Sales and Marketing, HR and Logistics, Finance and Accounts, Admin and Public Relations, ICT, and the Server Room.
Power Supply and Interface Activation
- The interfaces are noted to be in a shutdown state; action is required to power them on for proper functionality.
- A Layer 3 switch is highlighted as lacking a power supply; steps are taken to include it by dragging the power supply into place.
Design Completion and ISP Identification
- The design phase nears completion with a reset performed to ensure normal size reception of configurations.
- ISPs are marked in blue for clarity within the network design layout.
VLAN Configuration for Departments
- Each department is assigned different VLANs as part of the network configuration strategy.
Basic Settings Configuration Steps
- The speaker outlines essential steps for configuring devices within the network topology, starting with basic settings across all devices.
- Specific commands are provided for configuring hostname, console password, enable password, disabling IP domain lookup, and encrypting passwords.
Streamlining Configuration Process
- To save time during configuration of remaining devices, commands will be written down in Notepad before being copied over.
Multi-layer Switches and Router SSH Configuration
- Transitioning from access layer switches to multi-layer switches involves additional configurations such as enabling SSH.
- Key steps for SSH configuration include setting a unique hostname, defining an IP domain name (e.g., cisco.net), creating usernames/passwords, and generating crypto keys with a specified modulus length.
Configuration of Network Devices
Initial Configuration Steps
- The configuration begins with setting up the domain name and username, using "admin" as the username and "cisco" as the password.
- SSH is enabled for remote access by configuring line vty 0 to 15 to log in locally and allowing only SSH connections.
Core Router Setup
- The speaker notes that they will not configure ISP routers due to lack of control but will set up peering on interfaces for demonstration purposes.
- SSH version 2 is configured for enhanced security across devices.
VLAN Configuration
- The first step involved basic settings; now, VLAN configurations are being combined with port assignments on Layer 2 and Layer 3 switches.
- VLAN numbers (10, 20, etc.) are assigned quickly, indicating a structured approach to organizing network segments.
Port Assignments
- Ports connected to Layer 3 switches are designated as trunk ports while those connecting to end devices are set as access ports.
- Specific interface ranges (e.g., fa0/1 to fa0/2) are configured as trunk ports for proper data flow between switches.
Finalizing VLAN Settings
- VLAN 10 is created and named "sales," followed by assigning specific interfaces (fa0/3 to fa0/24) to this VLAN.
- Unused Gigabit Ethernet ports are assigned to a separate VLAN (VLAN 99), labeled "black hole," which is then shut down for security reasons.
Copying Configurations Across Switches
- Commands are copied into Notepad for easy replication across other Layer 2 switches, ensuring consistency in configurations.
Configuring Port Security and VLANs in Networking
Configuring Port Security
- The configuration begins with setting up port security on interface range fa 0/3 to 24, allowing only one device per port.
- The sticky command is used to remember the MAC addresses of devices connected to the switch, enhancing security by limiting access.
- A violation mode of shutdown is configured, meaning if a second device attempts to connect, the port will shut down.
- Steps two and three are completed for two switches before moving on to layer three switches which do not have access interfaces.
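The SSH settings, the VLAN 99 black-hole ports and the port-security rules described above can be checked mechanically against a device configuration. The auditor below is an added example, not code from the video; the sample configuration is constructed and its interface names are assumptions.

```python
# Constructed sample config (not from the video); interface names are illustrative.
SAMPLE = """\
service password-encryption
ip ssh version 2
interface FastEthernet0/3
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
interface FastEthernet0/4
 switchport mode access
 switchport port-security maximum 2
 switchport port-security violation restrict
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 99
line vty 0 15
 login local
 transport input all
"""
PS = "switchport port-security"

def parse(config):
    """Map each top-level line to the indented lines beneath it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.strip() in ("", "!"):
            continue
        if raw[0].isspace() and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = raw.strip()
            blocks[current] = []
    return blocks

def setting(body, key, default):
    """Last word of the '<PS> <key> ...' line, or the IOS default when absent."""
    return next((l.split()[-1] for l in body if l.startswith(f"{PS} {key}")), default)

def audit(config):
    blocks, out = parse(config), []
    for need in ("ip ssh version 2", "service password-encryption"):
        if need not in blocks:
            out.append(f"global: missing '{need}'")
    for head, body in blocks.items():
        if head.startswith("line vty") and not {"login local", "transport input ssh"} <= set(body):
            out.append(f"{head}: needs 'login local' and 'transport input ssh'")
        if not head.startswith("interface") or "switchport mode access" not in body:
            continue
        if "switchport access vlan 99" in body:  # VLAN 99 is the page's black-hole VLAN
            if "shutdown" not in body:
                out.append(f"{head}: black-hole port is not shut down")
            continue
        # A running config omits defaults: maximum 1 and violation shutdown.
        checks = [(PS in body, "port security not enabled"),
                  (setting(body, "maximum", "1") == "1", "more than one MAC allowed"),
                  (setting(body, "violation", "shutdown") == "shutdown", "violation mode is not shutdown"),
                  (f"{PS} mac-address sticky" in body, "sticky learning is off")]
        out += [f"{head}: {msg}" for ok, msg in checks if not ok]
    return out
```

Calling `audit(SAMPLE)` returns six findings: four for FastEthernet0/4, one for the VLAN 99 port that is still up, and one for the VTY lines that accept more than SSH.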
Layer 3 Switch Configuration
- Interfaces connected to layer 2 switches will be trunk ports while those connected to layer 3 switches will be configured as layer 3 interfaces.
- Six VLANs (10, 20, 30, 40, 50, and 60) need to be created across all switches.
- Trunk ports are identified and configured; specifically fa0/3 through fa0/8 are set as trunk ports.
VLAN Creation
- The switchport mode is set to trunk for multiple interfaces.
- VLAN names are assigned: VLAN 10 for Sales, VLAN 20 for HR, VLAN 30 for Finance, VLAN 40 for Admin, VLAN 50 for ICT, and VLAN 60 for Servers.
IP Addressing and Subnetting
- All devices in the network will obtain IP addresses dynamically from a dedicated DHCP server located in the server room; static allocation is reserved for devices within that room.
- An addressing table has been prepared detailing subnet masks suitable for each department based on their number of required hosts (e.g., Sales requires a subnet mask that accommodates at least 120 devices).
Finalizing Network Configuration
- Layer three switches must provide both routing and switching technologies; thus IP addresses must be assigned accordingly between routers and layer three switches.
- Networks between routers and other components are allocated quickly using predefined addressing tables.
Network Configuration Steps
Interface Configuration
- The configuration begins with defining the interface range for Gigabit Ethernet, specifically gig 1/0 to gig 1/2.
- The speaker emphasizes that three interfaces are routable and prepares to assign IP addresses.
- For interface gig 101, the assigned IP address is 172.16.3.145 with a subnet mask of 255.255.255.252, indicating a /30 prefix.
- After configuring the first interface, the speaker moves on to configure gig 102, assigning it an IP address of 172.16.3.149.
- The next step involves configuring another switch's interface (gig 002) with an IP address of 172.16.3.x, where x is determined by available network addresses.
Router Configuration
- Transitioning to router configuration, the speaker identifies that interface gig 0/0 connects to a specific switch and assigns it an IP address of 172.16.3.146.
- For interface gig 0/1, the assigned IP is adjusted to avoid conflicts, resulting in an assignment of 172.16.3.154.
- The discussion shifts towards serial interfaces; specifically, configuring serial interfaces requires setting clock rates due to DCE connections.
- A clock rate of 64000 is set for one serial connection while assigning public IP addresses like .1 and .5.
Finalizing Configurations
- Further configurations involve ensuring all routers have unique addresses; for instance, router connections are established using .150 and .158.
- Each router's serial interfaces are configured similarly, ensuring proper addressing and subnetting practices are followed.
- The speaker notes that OSPF will be configured later as part of routing protocols across these devices.
- As configurations progress, attention is given to ensure no overlap occurs in assigned addresses across different routers or switches.
Network Configuration and OSPF Setup
Overview of Network Connections
- The discussion begins with the identification of eight networks, which include six departmental networks plus two additional ones.
- Emphasis is placed on enabling IP routing on a Layer 3 switch to facilitate the configuration of OSPF (Open Shortest Path First) as the routing protocol.
Configuring OSPF
- The first command executed is ip routing, followed by configuring OSPF with process ID 10.
- A detailed explanation of subnetting is provided, including calculations for wildcard masks based on CIDR notation.
Subnet Mask Calculations
- Various subnet masks are discussed for different departments, such as HR, Finance, Admin, ICT, and Server Room.
- Specific attention is given to the server room's unique subnet mask of /28 notation and its corresponding wildcard mask calculation.
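As an added example (not from the video), the sketch below carries out the subnet sizing and wildcard-mask calculation and emits the matching OSPF network statements. The 172.16.1.0 base and OSPF area 0 are assumptions; the base is chosen because allocating from it lands the /30 links on the 172.16.3.145 to .158 addresses quoted in the interface configuration.

```python
import ipaddress

# Assumption: the page never states the base block. 172.16.1.0 is used because
# allocating from it reproduces the /30 link addresses the page does quote.
BASE = ipaddress.ip_address("172.16.1.0")

# (name, usable hosts). 120 users per department and the /28 server room are
# from the page; four 2-host links are inferred from its /30 addresses.
NEEDS = [("Sales", 120), ("HR", 120), ("Finance", 120), ("Admin", 120),
         ("ICT", 120), ("Servers", 14)] + [(f"Link{i}", 2) for i in range(1, 5)]

def prefix_for(hosts):
    """Longest prefix whose usable host count (2**bits - 2) covers `hosts`."""
    bits = 2
    while (1 << bits) - 2 < hosts:
        bits += 1
    return 32 - bits

def allocate(base, needs):
    """VLSM: place the largest subnets first, each aligned to its own size."""
    plan, cursor = {}, int(base)
    for name, hosts in sorted(needs, key=lambda n: -n[1]):
        prefix = prefix_for(hosts)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to the block boundary
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan

def overlaps(plan):
    """Return every pair of names whose subnets overlap (should be empty)."""
    nets = list(plan.items())
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

def ospf_statements(plan, area=0):
    """The wildcard mask is the inverted subnet mask (net.hostmask); area 0 is assumed."""
    return [f"network {net.network_address} {net.hostmask} area {area}"
            for net in plan.values()]

if __name__ == "__main__":
    plan = allocate(BASE, NEEDS)
    assert not overlaps(plan)
    print("router ospf 10")  # process ID 10 is the one used on the page
    for name, line in zip(plan, ospf_statements(plan)):
        print(f" {line}    ! {name} {plan[name]}")
```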
Advertising Networks
- The speaker proceeds to advertise all eight networks configured earlier using appropriate commands.
- Instructions are reiterated regarding enabling routing and setting up router IDs for proper network identification.
Finalizing Configuration Steps
- Router ID configurations are adjusted to ensure clarity in network management.
- The speaker confirms that all necessary networks have been advertised successfully across routers and switches involved in the setup.
Additional Router Configurations
- Further configurations involve advertising specific networks from various routers while ensuring no redundant commands are included.
- The final steps include checking adjacencies between routers and switches to confirm successful connections within the network topology.
Conclusion of Configuration Process
Configuration and Troubleshooting of Network Devices
Initial Configuration Issues
- The speaker discusses a mistake made during the configuration of user ID and router ID, which should have been done before advertising networks.
- A command to reload the system and clear the OSPF process is mentioned to rectify the issue.
- The speaker notes that they are waiting for the system to boot up after reloading.
Static IP Address Configuration
- The focus shifts to configuring static IP addresses for devices in the server room, specifying a network range using CIDR notation.
- Specific IP addresses and subnet masks are assigned to various devices, including a DHCP server with a default gateway set on Layer 3 switches.
- DNS server settings are configured, ensuring that devices point to the correct DNS address.
DHCP Server Setup
- The speaker emphasizes creating DHCP pools for different departments so that devices can obtain IP addresses automatically.
- Configuration details include setting up default gateways and starting IP addresses for each department's pool (e.g., HR, Finance).
- Each department's pool is carefully defined with specific ranges and subnet masks.
Finalizing DHCP Pools
- Adjustments are made to ensure all configurations align correctly across different departmental pools.
- Corrections are noted regarding finance pool settings, ensuring accurate configurations before saving changes.
Configuring Inter-VLAN Routing
- Transitioning into inter-VLAN routing setup on Layer 3 switches; VLAN interfaces are created with appropriate IP addressing schemes.
- The speaker outlines how to enable services on switches while ensuring proper configuration of helper addresses for DHCP relay functionality.
Network Configuration and Setup
VLAN and DHCP Configuration
- The process begins with configuring the VLAN interface, specifically interface vlan 1, followed by entering the IP address of the DHCP server.
Wireless Network Setup
- The configuration for a wireless network is straightforward; an example access point is set up with an SSID and password (e.g., "sales" and "123").
Device Connection to Access Points
- A laptop without a Wi-Fi card is modified to connect to the wireless network. After replacing the card, it connects successfully using the specified SSID and password.
Access Point Connectivity
- All devices are connected to their respective access points in various departments, demonstrating successful wireless connectivity across multiple devices.
Port Address Translation (PAT) Configuration
- The next step involves configuring Port Address Translation (PAT) along with Access Control Lists (ACL). This setup will translate private IP addresses into public ones on routers only, not switches.
NAT Configuration Steps
NAT Implementation Overview
- The project requires configuring NAT on routers using their outbound IPv4 addresses while implementing necessary ACL rules for traffic management.
Source List Creation for NAT
- To configure PAT, a source list is created that permits specific networks. This includes defining which interfaces will handle incoming traffic from these networks.
Interface Configuration for NAT
- Interfaces are designated as either inside or outside for NAT purposes. Specific commands are used to mark interfaces accordingly, ensuring proper traffic flow through the router.
Finalizing Router Configurations
Copying Configurations Between Routers
- Once configurations are complete on one router, they are copied over to another router to maintain consistency in settings across devices.
Verifying NAT Functionality
- After setting up NAT, verification steps include checking translations and ensuring that pings can reach external networks effectively.
Static Route Configuration
Default Static Route Setup
Network Configuration and Testing Overview
Interface Routing Setup
- The configuration begins with routing any IP address through specified interfaces, designating Gigabit Ethernet 0/1 as the primary interface and Gigabit Ethernet 0/2 as the secondary.
- An administrative distance of 70 is chosen for redundancy purposes, ensuring that if the primary fails, the secondary can take over seamlessly.
Router Configuration
- The main active router is configured with a serial connection (Serial 0/2), while the backup router is set to Serial 0/1. This setup ensures proper failover capabilities.
- After configuring routers, verification of DHCP functionality is performed to ensure devices are receiving their IP addresses correctly.
Device Connectivity Verification
- Wireless devices such as laptops and tablets successfully obtain IP addresses from DHCP, indicating proper network connectivity.
- A problem arises with one access point not functioning correctly; troubleshooting will be necessary to resolve this issue.
Network Testing Procedures
- A ping test is conducted between PCs to verify connectivity; successful pings confirm that communication across the network is operational.
- SSH access to a router is tested using valid credentials, confirming secure remote management capabilities.
Port Security Adjustments
- To accommodate an access point connected to a port previously restricted by port security settings, adjustments are made by excluding it from these restrictions.
- Commands are issued to reverse initial port security configurations, allowing multiple devices on the same port without triggering security violations.
Final Network Checks and Documentation
- The status of ports is checked post-adjustment; successful changes indicate that configurations have been applied correctly.
- A ping test towards an ISP device confirms external connectivity; this validates that traffic can flow beyond local networks effectively.
NAT Functionality Confirmation
- NAT (Network Address Translation) functionality is verified through command checks showing correct translations between internal and external IP addresses.
Project Completion Summary
- The project concludes with all configurations validated: OSPF routing works successfully alongside other implemented technologies like DHCP and NAT.