8. Small office configuration scenario with VLAN and internet access nr. 2

The small office network in this scenario separates hosts into 3 VLANs (1, 2 and 3). Because one part of the network is really old, it contains a shared segment with an old L1 hub. The redundant link in the switched topology, introduced between S2 and S3, must be monitored with STP.

The scenario consists of:

  • PPP link with CHAP authentication between Office and ISP router

      Office part of config:

        username ISP password 0 ciscochap
        interface Serial0/0/0
         ip address 198.160.131.13 255.255.255.252
         encapsulation ppp
         ppp authentication chap

      ISP part of config:

        username Office password 0 ciscochap
        interface Serial0/0/0
         ip address 198.160.131.14 255.255.255.252
         encapsulation ppp
         ppp authentication chap
         clock rate 2000000
 
  • NAT with PAT on S0/0/0 for inside hosts internet access
    ip access-list standard NAT
     permit 192.168.1.0 0.0.0.255
    ip nat inside source list NAT interface Serial0/0/0 overload

  • static NAT for local server
    ip nat inside source static 192.168.1.130 200.0.0.1

  • DHCP for appropriate LAN clients
    DHCP excluded addresses: 192.168.1.1, .129, .130, .193
    ip dhcp excluded-address 192.168.1.1
    ip dhcp excluded-address 192.168.1.129
    ip dhcp excluded-address 192.168.1.130
    ip dhcp excluded-address 192.168.1.193
    ip dhcp excluded-address 192.168.1.131
    ip dhcp excluded-address 192.168.1.132
    ip dhcp excluded-address 192.168.1.133
    !
    ip dhcp pool VLAN3
     network 192.168.1.128 255.255.255.192
     default-router 192.168.1.129
     dns-server 192.168.1.130
    ip dhcp pool VLAN2
     network 192.168.1.0 255.255.255.128
     default-router 192.168.1.1
     dns-server 192.168.1.130
    ip dhcp pool VLAN1
     network 192.168.1.192 255.255.255.224
     default-router 192.168.1.193
     dns-server 192.168.1.130
     
  • router-on-a-stick inter-VLAN communication on the Office router
    interface FastEthernet0/0
     no ip address
     duplex auto
     speed auto
    !
    interface FastEthernet0/0.1
     encapsulation dot1Q 1
     ip address 192.168.1.193 255.255.255.224
     ip nat inside
    !
    interface FastEthernet0/0.2
     encapsulation dot1Q 2
     ip address 192.168.1.1 255.255.255.128
     ip nat inside
    !
    interface FastEthernet0/0.3
     encapsulation dot1Q 3 native
     ip address 192.168.1.129 255.255.255.192
     ip nat inside
     
  • S3 root bridge selection for STP
    spanning-tree vlan 1-3 priority 4096

  • VTP configuration with S1 acting as VTP server, propagating the VLAN configuration to the entire network
    VTP domain: office
    VTP password: cisco123
    VTP server: S1, VTP clients: S2, S3

     
  • subnetting with VLSM
    192.168.1.129/26  VLAN 3  Admin & Native
    192.168.1.1/25    VLAN 2  Staff
    192.168.1.193/27  VLAN 1  Guest - default, can't be renamed
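
The addressing in this scenario has to agree in four places: the router subinterfaces, the DHCP pools and exclusions, the NAT access list and the VLSM plan. The Python check below is an added example, not part of the original scenario files; it uses the values listed above, and the PLAN layout and the audit function name are this example's own.

```python
import ipaddress
from itertools import combinations

# Values copied from the scenario on this page; the data layout is this example's own.
PLAN = {
    "gateways": {1: "192.168.1.193/27", 2: "192.168.1.1/25", 3: "192.168.1.129/26"},
    "pools": {  # VLAN: (DHCP "network" statement, default-router)
        1: ("192.168.1.192/255.255.255.224", "192.168.1.193"),
        2: ("192.168.1.0/255.255.255.128", "192.168.1.1"),
        3: ("192.168.1.128/255.255.255.192", "192.168.1.129"),
    },
    "excluded": ["192.168.1.1", "192.168.1.129", "192.168.1.130", "192.168.1.193",
                 "192.168.1.131", "192.168.1.132", "192.168.1.133"],
    "nat_acl": "192.168.1.0/0.0.0.255",  # permit 192.168.1.0 0.0.0.255
    "static_hosts": ["192.168.1.130"],   # static NAT inside address, also the DNS server
}

def audit(plan):
    """Return inconsistencies between subinterfaces, DHCP and the NAT ACL."""
    findings = []
    ifaces = {v: ipaddress.ip_interface(g) for v, g in plan["gateways"].items()}
    excluded = {ipaddress.ip_address(a) for a in plan["excluded"]}
    nat_net = ipaddress.ip_network(plan["nat_acl"])  # wildcard is parsed as a host mask

    for (a, ia), (b, ib) in combinations(sorted(ifaces.items()), 2):
        if ia.network.overlaps(ib.network):
            findings.append(f"VLAN {a} and VLAN {b} subnets overlap")

    for vlan, iface in sorted(ifaces.items()):
        pool_net, router = plan["pools"][vlan]
        if ipaddress.ip_network(pool_net) != iface.network:
            findings.append(f"VLAN {vlan}: DHCP pool does not match subinterface subnet")
        if ipaddress.ip_address(router) != iface.ip:
            findings.append(f"VLAN {vlan}: default-router is not the subinterface address")
        if iface.ip not in excluded:
            findings.append(f"VLAN {vlan}: gateway {iface.ip} can be leased by DHCP")
        if not iface.network.subnet_of(nat_net):
            findings.append(f"VLAN {vlan}: subnet not covered by the NAT access list")

    for host in map(ipaddress.ip_address, plan["static_hosts"]):
        if host not in excluded:
            findings.append(f"static host {host} can be leased by DHCP")
    for addr in sorted(excluded):
        if not any(addr in i.network for i in ifaces.values()):
            findings.append(f"excluded address {addr} is outside every pool")
    return findings

if __name__ == "__main__":
    print(audit(PLAN) or "plan is consistent")
```
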
     

The preconfigured scenario can be obtained from here (you need PKT 5.2 or above). Topology diagram for scenario is