The objective of this lab is to configure a simple network with multiple devices connected through a router and switches.
- Open Packet Tracer and select the router, two switches, four computers, and two printers.
- Drag and drop the devices onto the workspace.
- Connect one switch to each side of the router using Ethernet cables.
-
Note : Press control (CTRL) on your keyboard and the automatically choose connection type icon
and you can connect each of these devices on the network.
-
- Connect two computers and 1 printer to each switch.
- Access the router's Command Line Interface (CLI) by clicking on it and selecting "Command Line Interface."
- First you will be prompted with
Continue with configuration dialog? [yes/no]:and here you will enternoas it will not be needed and typically not needed in many instances. - Enter global configuration mode initially by using the
enable(privileged EXEC mode) command and then to enter the global configuration mode by enteringconfigure terminalorconf tfor short.
- Configure IP addresses for each router interface (g0/0/0 and g0/0/1) using the interface and ip address commands.
- For this example, interface gigabitethernet0/0/0 followed by ip address 192.168.0.1 255.255.255.128 and this will represent a /25 network with the ability to have 126 host on the network. This is definitely more than we need, but this allows for us to expand the network if needed in the future.
- Configure interface gigabitethernet0/0/0 and
no shutdown(no shut) command on this interface, this is instructing the router to bring that interface up, allowing traffic to flow through it. Just for clarity here, thisno shutdowncommand is typically used after configuring an interface or resolving any issues that may have caused it to be shut down.- Configure ip address for interface g0/0/0
- Configure ip address for interface g0/0/1
- Configure ip address for interface g0/0/0
-
Click on Switch0 to access its configuration panel and select the CLI tab.
-
We will first need to enable port security while in global configuration mode for the interface range fa0/1-3 with the commands
int range f01/-3switchport mode accessand thenswitchport port-security`. -
After port security is enabled, we will configure port security features for the interface range 1, 2 & 3 with sticky MAC addresses using the
switchport port-security mac-address sticky command.
-
Note: The error lets me know that I forgot something or entered something incorrectly and in this instance, it was the "-" between port-security.
-
-
We also enabled violation mode protect (
switch(config-if)#switchport port-security violation protect). When violation mode is configured, the switch quietly discards any traffic from unauthorized MAC addresses without taking any further action. This mode is useful in scenarios where you want to monitor and log unauthorized access attempts without disrupting network connectivity. For further clarity here, if a violation is detected, the switch will take no action to restrict or shut down the port on the switch. Instead, it will simply drop any frames from violating MAC addresses without generating any alerts or notifications. -
After sending a ping from PC0 to PC1 and Printer0, we can see that port security has been enabled and has a securesticky type
- We will also apply this to Switch1 as well
- Click on each computer and printer to access their configuration panels.
- Assign IP addresses, subnet masks, default gateways, and DNS servers to each device.
- Default gateway for PC0 & PC1
- With PC0 selected, choose Desktop and then choose IP Configuration
- Default gateway for PC0 & PC1
- Use IP addresses within the same subnet as the corresponding router interface.
-
PC0 (192.168.0.2), PC1 (192.168.03) & Printer0 (192.168.0.4) each with a subnet mask of 255.255.255.128 and default gateway of 192.168.0.1.
-
-
-
-
PC2 (192.168.0.130) PC3 (192.168.0.131) & Printer1 (192.168.0.132) each with a subnet mask of 255.255.255.128 and default gateway of 192.168.0.129.
-
-
- Optionally, configure static MAC addresses on the computers and printers to ensure compatibility with port security.
- Test connectivity between computers and printers on both sides of the router using the
pingcommand in the Command Prompt.- Here we test the connectivity from PC2 to PC3
- Next, we will test the connectivity from PC2 to PC1 to verify that there can be communication outside of the local network for computers/printer PC2, PC3 and Printer0. The first packet fails as it is going through the process of ARP (Address Resolution Protocol) and has to resolve the IP address to a MAC address.
- Here we test the connectivity from PC2 to PC3
Dispalys the assigned IP addresses, intefaces and devices used for the lab
In conclusion, this lab exercise provided a hands-on opportunity to configure a simple network infrastructure with multiple devices interconnected through a router and a switch. By following the step-by-step instructions, we successfully set up the network topology, configured router interfaces, enabled port security on the switch, and configured the IP addresses and settings for computers and printers.
One of the key takeaways from this lab is the importance of network security. By implementing port security on the switch, we enhanced the security posture of the network by restricting access to authorized devices only. This helps prevent unauthorized access and potential security breaches, thereby safeguarding sensitive information and resources on the network.
Overall, the skills and knowledge gained from this lab can be directly applied in real-world scenarios, especially in designing, configuring, and securing small to medium-sized networks. Understanding how to set up basic network infrastructure elements and implement security measures is essential for building resilient and secure networks in various environments.