School Network Design Using Cisco Packet Tracer
Cisco Packet Tracer School Network Lab: Design, Configuration, and Testing
Project Overview
The School Network Design Home Lab was built using Cisco Packet Tracer to establish a comprehensive network for a school. The objective was to establish a network with distinct segments for various departments, connect the devices, and ensure seamless and secure functionality.
Network Setup
I started with the 10.3.99.0 network address and divided it into six subnets networks to handle all the different parts of the school. Here’s how the network is set up:
Admissions Subne
t (10.3.99.0/27): This subnet has 2 computers and 2 servers (DHCP and FTP).
Administration Subne
t (10.3.99.32/27): It has 2 computers and 1 DHCP server.
Faculty Subnet
(10.3.99.64/27): There is 1 server, 2 laptops, and 4 computers for the faculty.
Student Subnet
(10.3.99.96/27): This one has a DHCP server and supports up to 20 devices, including 10 laptops.
Housing Subnet
(10.3.99.128/27): Includes 2 computers and a DHCP server.
Library Subnet (10.3.99.160/27): Equipped with 2 computers, a wireless router, and 4 wireless devices.
Subnet Name | Subnet Mask | Subnet Address | Default Gateway | Broadcast Address | Usable Host Range |
Admissions | 255.255.255.224 | 10.3.99.0 | 10.3.99.1 | 10.3.99.31 | 10.3.99.2 - 10.3.99.30 |
Administration | 255.255.255.224 | 10.3.99.32 | 10.3.99.33 | 10.3.99.63 | 10.3.99.34 - 10.3.99.62 |
Faculty | 255.255.255.224 | 10.3.99.64 | 10.3.99.65 | 10.3.99.95 | 10.3.99.66 - 10.3.99.94 |
Student | 255.255.255.224 | 10.3.99.96 | 10.3.99.97 | 10.3.99.127 | 10.3.99.98 - 10.3.99.126 |
Housing | 255.255.255.224 | 10.3.99.128 | 10.3.99.129 | 10.3.99.159 | 10.3.99.130 - 10.3.99.158 |
Library | 255.255.255.224 | 10.3.99.160 | 10.3.99.161 | 10.3.99.191 | 10.3.99.162 - 10.3.99.190 |
IP Addressing Scheme
I made sure to keep things consistent when assigning IP addresses:
Servers always got the last usable IP address in their subnet.
Computers got the first usable IP address.
The wireless router in the Library subnet also got the last available IP address.
For example:
Admissions
FTP Server
: 10.3.99.29
Student DHCP Server
: 10.3.99.126
Library Wireless Router
: 10.3.99.190
Security with ACLs
To keep everything secure, I used Access Control Lists (ACLs) to control which devices could talk to each other in different parts of the network. I set up four ACLs to block access to servers in certain subnets:
ACL 20
: Blocks access to Admissions servers.
ACL 30
: Blocks access to Administration servers.
ACL 40
: Blocks access to Faculty servers.
ACL 50
: Blocks access to Student servers.
I tested these ACLs by pinging between devices to make sure they worked as expected. Everything worked great – devices couldn’t communicate when they weren't supposed to, which was exactly the goal!
ping screenshot testing the ACL 30
Connectivity Testing and Topology
Once everything was set up, I ran ping tests across all the subnets to make sure everything connected properly. This helped me confirm that the devices that should connect could do so and that the ACLs were working right.
I created both logical and physical topology diagrams. The logical diagram illustrates the interconnections among various network components, but the physical diagram shows the actual arrangement of equipment within server racks, such as routers and switches, similar to a genuine server room setup.
Network Topology Diagram
[packet tracer topology diagram screenshot]
Challenges
One of the challenge was getting the ACLs perfect to make sure everything was secure without slowing down the network. It took some trial and error.
You can find the project on GitHub here: School Network Design Home Lab
Technical Details
Technologies
Categories
Timeline
Quick Actions
Other Projects
Explore more of my cybersecurity work
