Setting up Wired and Wireless LAN in the network
In the give task there are 5 departments like Manager, Consultants, Front desk, Finance and guest. There is requirement to configure the networking between the provided departments. As a reference of this task network topology is given, in which, firewall, router, internet service, wireless router, PCs and Wireless client (Laptops) are present. So, it is clear that there is requirement to setup wired as well as wireless LAN in the network.
To setup the required network, VLAN must be created. Number of departments are 5, so there is requirement to configured 5 VLAN in the network. Each VLAN required different network address. So, to configure the communication between the different network and VLAN, Inter VLAN routing will be required. With the help of wireless access point, Wireless network service can be provided in the network. In this access point SSID, wireless network passphrase, DHCP server will be required to configure. To provide the IP address in the VLAN devices, DHCP server can be configured in the router, so that each VLAN client will be able to receive IP address from the router.
Configuration details on the hardware:
Router configuration detail :
|Port||2 FastEthernet (Modular router)|
Switch configuration details :
|Port||24 port, 2 Gigabyte Ethernet|
As per the given reference topology and given requirement, all client PC will be connected with network using the L2 manageable switch. To connect with this switch, twisted pair cable with straight through connection will be used. All PCs will be attached to the Ethernet port, this Ethernet will be added to the particular VLAN as per the department of PC. There is no number of hosts given per the network, so assuming there are 16 hosts available for each department, so total 80 hosts system will be there. To connect these 80 systems total 5 switches with 24 port Ethernet port will be required. Form the 5 switch, one switch will become backbone switch. This will be responsible for connection of all other (4) switches. To connect switch with each other, twisted pair cable with cross over connection will be used. To share the VLAN details from one switch to another switch trunk port must be set. So, in backbone switch all the port that are responsible to connect the other switch will be required to set as trunk .
To provide the communication between the different VLAN, router will be used as gateway for all VLAN. So, the port which is connected with router’s FastEthernet 0/0 interface will be set as trunk.
IP address table
To provide communication between the hosts, IP address will be needed. So, for the local communication class C IP address 192.168.1.0/24 has been choose as it is able to provide maximum 254 usable hosts in the network. So, for this IP address, IP address range for the each department can be given in below table :
|Department||Hosts||Possible hosts in segment||Network address||IP address range||Broadcast address||Subnetmask|
|Manager||16||32||192.168.1.64||192.168.1.65 - 192.168.1.94||192.168.1.95||255.255.255.224|
|Consultants||16||32||192.168.1.96||192.168.1.97 - 192.168.1.126||192.168.1.127||255.255.255.224|
|Front desk||16||32||192.168.1.128||192.168.1.129 - 192.168.1.158||192.168.1.159||255.255.255.224|
|Finance||16||32||192.168.1.160||192.168.1.161 - 192.168.1.190||192.168.1.191||255.255.255.224|
|Guest||16||32||192.168.1.192||192.168.1.193 - 192.168.1.222||192.168.1.223||255.255.255.224|
|Wireless||50||64||192.168.1.0||192.168.1.1 - 192.168.1.62||192.168.1.63||255.255.255.192|
In the above table, network address, IP address range, broadcast address and a Subnetmask detail has been provided. But while assigning the IP address for the department only IP address from the range column and subnet mask will be used. The wireless network requirement is assumed as 50, but based on the requirement the above table can be vary.
Network topology diagram
Network topology diagram for the asked network is shown as above. This diagram was created with the help of netsim. As a manageable switch, cisco 2960 was used and as a router, cisco 2621 router was taken. Department wise PC is labelled in above diagram. For the example, with switch1 manager PC1 and Consultants PC1 are connected. In every switch, ports are added to VLAN according to the department.
Setting up hostname of the switch:
Setting up privilege password in switch:
To set password as cisco “enable secret cisco” command is used.
Creating VLAN in switch:
Here, vlan ID is 10.
Adding port fast Ethernet 0/1 to VLAN 10:
Switch(config)#int fa 0/1
Switch(config-if)#switchport access vlan 10
Above command will add the port fa 0/1 to the vlan 10.
Similarly, adding fa 0/3 to vlan 20:
Similar to switch1, all other switch can be configured.
Setting up trunk interface in backbone switch:
Setting fa 0/1 of backbone switch as trunk:
backbone(config)# int fa 0/1
backbone(config-if)#switchport mode trunk
Now, setting a rage of IP as trunk :
backbone(config)# int range fa 0/1-6
backbone(config-if-range)#switchport mode trunk
To save the configuration, “write memory” command in privilege mode will be used.
This will copy all running configuration from the RAM to start up configuration
Setting a hostname in router as router1:
Above command will set router name as router1
Setting up privilege mode password similar to switch:
To perform the inter VLAN routing fa 0/0 interface port of router must be up :
To enable the port “no shutdown” command will be used as below:
After changing state of physical interface to up, sub interface can be created as below:
Router1(config)#int fa 0/0.10
Router1(config-sub-if)#encapsulation dot1q 10
#here 10 is VLAN id
Router1(config-sub-if)#ip address 192.168.1.65 255.255.255.224
#here, ip address of this interface will be set as 192.168.1.65
Similarly to the fa 0/0.10 sub interface, other sub interface can be configured as below:
To save the configuration, write memory command will be used as below:
Access point guidelines
The IP address of the Access must be a member of network, so that it can resolve the internet from the gateway router. Appropriate SSID, encryption method as WPA2, DNS server will be required to configure in the wireless AP configuration.
Server configuration guidelines:
As per the given details, there is no any mention of server. But as there is printer, assuming there is requirement of print server. For the Microsoft server will be required to install and this server must be configured with print server to provide the service of printer. It is recommended to us AD DS server role also, which can be used to control the client PC in the network.
For the privilege mode security password has been set as below:
The port of the switch can be secure by implementing port security in the switch as below:
Interface fa 0/20
#selects port, before implementing port security
#this will enable the port security option in selected port
Switchport port-security maximum 1
#this will allow only one MAC address through the specified port
Switchport port-security violation shutdown
#if there is violation of security policy than specified port will be shutdown
Network configuration can be done by implementing network switch, routers and wireless AP. But during the set up process there is requirement to check the physical connection. To check the same, LAN cable tester is available to check the physical connection. After that switch will be configured with VLAN and trunk port for providing VLAN service in the network, and the security of the device can be ensure by implementing port security in the switch. Router will play the role of routing as well as the gateway of the given network.