The objective of this project was to design, implement, and manage a modern, secure, and resilient enterprise network for a growing company. The project focused on ensuring connectivity, segmentation, scalability, redundancy, performance optimization, and security, while anticipating future expansion and Internet connectivity requirements.
- Enterprise network design and architecture planning
- VLAN segmentation for departments, voice, management, and wireless networks -Inter-VLAN routing and Layer 3 switching -Implementation of redundancy and high availability mechanisms -Network performance optimization using STP and EtherChannel -Layer 2 security hardening techniques -Wireless network deployment with enterprise-grade authentication -Network testing, troubleshooting, and documentation best practices
- Cisco Packet Tracer.
- Network Design and Planning Designed the logical and physical network topology for a two-floor enterprise building, ensuring scalability and segmentation for multiple departments (IT, Administration, Voice, Wireless, and Management VLANs).
*Ref 1: Network Diagram*
| VLAN ID | VLAN Name | Gateway IP Address | Subnet Mask |
|---|---|---|---|
| 10 | IT | 192.168.10.254 | 255.255.255.0 |
| 20 | Administration | 192.168.20.254 | 255.255.255.0 |
| 30 | Voice | 192.168.30.254 | 255.255.255.0 |
| 90 | Management | 192.168.90.254 | 255.255.255.0 |
| 99 | Native | 192.168.99.254 | 255.255.255.0 |
| Device Name | Device Type | Vendor | Model |
|---|---|---|---|
| Router0 | Router | Cisco | ISR 4331 |
| Distribution-Switch | Layer 3 Switch | Cisco | Catalyst 3650 |
| Floor1-Switch | Layer 2 Switch | Cisco | Catalyst 2960 |
| Floor2-Switch | Layer 2 Switch | Cisco | Catalyst 2960 |
| Access-Switch-0 | Layer 2 Switch | Cisco | Catalyst 2960 |
| Access-Switch-1 | Layer 2 Switch | Cisco | Catalyst 2960 |
| DNS-Server | Server | Cisco | Packet Tracer |
| RADIUS-Server | Server | Cisco | Packet Tracer |
| Google-Server | Server | Cisco | Packet Tracer |
| Facebook-Server | Server | Cisco | Packet Tracer |
| Wireless-LAN-Controller | WLC | Cisco | 3504 |
| AP01 | Access Point | Cisco | 3702i |
| AP02 | Access Point | Cisco | 3702i |
| DSL-Modem0 | DSL Modem | Cisco | DSL-Modem-PT |
DHCPv4 was configured on the Layer 3 Distribution Switch to provide automatic IP address assignment for all enterprise VLANs. Each DHCP pool was configured with the appropriate network, default gateway, DNS server, and excluded address ranges reserved for infrastructure devices.
| VLAN ID | Network Address | Default Gateway | DNS Server | Excluded Address Range |
|---|---|---|---|---|
| 10 | 192.168.10.0/24 | 192.168.10.254 | 192.168.90.111 | 192.168.10.240 – 192.168.10.254 |
| 20 | 192.168.20.0/24 | 192.168.20.254 | 192.168.90.111 | 192.168.20.240 – 192.168.20.254 |
| 30 | 192.168.30.0/24 | 192.168.30.254 | 192.168.90.111 | 192.168.30.240 – 192.168.30.254 |
| 200 | 192.168.200.0/24 | 192.168.200.254 | 192.168.90.111 | 192.168.200.240 – 192.168.200.254 |
| 90 | 192.168.90.0/24 | 192.168.90.254 | 192.168.90.111 | 192.168.90.240 – 192.168.90.254 |