Packet Tracer Lab Project for CoLab Cyber Team Alpha: VLANs, DHCP, and Inter-VLAN Routing

Objective:

The objective of this lab is to provide hands-on experience in configuring VLANs (Virtual Local Area Networks), DHCP (Dynamic Host Configuration Protocol), and inter-VLAN routing on a Cisco network. Students will learn to segment a network using VLANs, configure a router to assign IP addresses via DHCP, and enable communication between VLANs through inter-VLAN routing. They will test connectivity between devices in different VLANs using the ping command and implement basic security measures such as Access Control Lists (ACLs) to restrict traffic between VLANs. By the end of the lab, students will have a functional network, documented configurations, and a clear understanding of network segmentation, IP address management, and basic network security.

Tasks for Team Alpha:

Step 1: Network Topology Setup

Create the Network Topology

Drag and drop the following devices into the packet tracerworkspace:

• 1 Router (1841)

• 1 Switch (2960)

• 2 PCs (PC0 and PC1)

Connect the devices using the appropriate cables:

• Connect the Router's GigabitEthernet0/0 interface to the Switch's FastEthernet0/1 interface using a straight-through cable.

• Connect PC0 to the Switch's FastEthernet0/2 interface using a straight-through cable.

• Connect PC1 to the Switch's FastEthernet0/3 interface using a straight-through cable.

Power On the Devices:

Ensure all devices are powered on (click the power button on each device).

Step 2: VLAN Configuration on the Switch

Create VLANs:

Open the Switch's CLI (Command Line Interface)and create two VLANs:

VLAN 10 - Sales

VLAN 20 - HR

Use the following commands:

enable
configure terminal
vlan 10
name Sales
exit
vlan 20
name HR
exit

Assign Ports to VLANs:

Assign PC0 to VLAN 10 (Sales) and PC1 to VLAN 20 (HR):

interface FastEthernet0/2
switchport mode access
switchport access vlan 10
exit
interface FastEthernet0/3
switchport mode access
switchport access vlan 20
exit

Configure the Trunk Port:

Configure the port connected to the Router (FastEthernet0/1) as a trunk port to allow traffic from both VLANs:

interface FastEthernet0/1
switchport mode trunk
exit

Step 3: Router Configuration for DHCP and Inter-VLAN Routing

Configure Subinterfaces on the Router:

Open the Router's CLI and configure subinterfaces for each VLAN:

Subinterface for VLAN 10:

interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
exit

Subinterface for VLAN 20:

interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
exit

Enable DHCP on the Router:

Configure the Router to provide IP addresses to devices in each VLAN using DHCP:

For VLAN 10:

ip dhcp pool VLAN10-POOL
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8
exit

For VLAN 20:

ip dhcp pool VLAN20-POOL
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8
exit

Enable IP Routing:

Ensure IP routing is enabled on the router:

ip routing

Step 4: Test Connectivity

Test DHCP Assignment:

• On PC0 and PC1, set the IP configuration to DHCP and verify that they receive IP addresses in the correct VLAN ranges (192.168.10.x for VLAN 10 and 192.168.20.x for VLAN 20).

• Use the ping command to test connectivity between PC0 and PC1. The ping should now be successful because the router is routing traffic between VLANs.

Step 5: Basic Security Configuration

Configure Access Control Lists (ACLs):

Create an ACL to block traffic from VLAN 10 (Sales) to VLAN 20 (HR):

access-list 100 deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 100 permit ip any any

Apply the ACL to the subinterface for VLAN 10:

interface GigabitEthernet0/0.10
ip access-group 100 in
exit

Test the ACL:

• Attempt to ping PC1 (VLAN 20) from PC0 (VLAN 10). The ping should now fail due to the ACL.

• Attempt to ping PC0 (VLAN 10) from PC1 (VLAN 20). The ping should succeed because the ACL only blocks traffic from VLAN 10 to VLAN 20.

Deliverables for Team Alpha:

1. A Packet Tracer file (.pkt) with the completed VLAN, DHCP, and inter-VLAN routing setup.

2. Screenshots of:

• The Switch's VLAN configuration.

• The Router's subinterface and DHCP configuration.

• The DHCP-assigned IP addresses on PC0 and PC1.

• Successful ping tests between VLANs.

• The ACL configuration and its effect on traffic.

3. Properly document your work, processes, challenges, solutions and screenshots. You can use any tools for this, hashnode, medium, gitbooks, google docs, ms word etc.

Write your individual experience and solutions on a LinkedIn post and tag CoLab (https://www.linkedin.com/company/colab-kaduna/) and tag me (https://www.linkedin.com/in/david-gambo-698855161/)