Comprehensive Network Design and Configuration for Marketing and Finance Departments: A Step-by-Step Guide

Question

You have been assigned to design a network for a small company with two separate departments: Marketing and Finance. The company's network requirements are as follows:

1. Each department should have its own subnet.
2. Each subnet should accommodate up to 50 devices.
3. Both subnets should be able to communicate with each other and access the internet.
4. Implement appropriate network security measures to ensure that devices within each department's subnet are protected from unauthorized access from other subnets.
5. Provide detailed configurations for routers, switches, and any other necessary network devices.

Design the network topology and provide detailed configurations for the routers and switches to meet the company's requirements.

Answer 1

Network Topology Design

1. Subnets Calculation:

   • We need two subnets, one for Marketing and one for Finance.

   • Each subnet should support up to 50 devices.

   • The smallest subnet mask that accommodates 50 devices is a /26 subnet mask, which provides 62 usable IP addresses.

   Subnet details:

   • Marketing: 192.168.1.0/26

   • Finance: 192.168.1.64/26

2. Router Configuration:

   We will configure a single router with two sub-interfaces, one for each department.

   Router(config)# interface g0/0
   Router(config-if)# no shutdown
   Router(config-if)# interface g0/0.1
   Router(config-subif)# encapsulation dot1Q 10
   Router(config-subif)# ip address 192.168.1.1 255.255.255.192
   Router(config-subif)# exit
   Router(config)# interface g0/0.2
   Router(config-subif)# encapsulation dot1Q 20
   Router(config-subif)# ip address 192.168.1.65 255.255.255.192
   Router(config-subif)# exit

3. Switch Configuration:

   Each department will have its own VLAN on the switch.

   Switch(config)# vlan 10
   Switch(config-vlan)# name Marketing
   Switch(config-vlan)# exit
   Switch(config)# vlan 20
   Switch(config-vlan)# name Finance
   Switch(config-vlan)# exit
   Switch(config)# interface range g0/1 - 24
   Switch(config-if-range)# switchport mode access
   Switch(config-if-range)# switchport access vlan 10
   Switch(config-if-range)# exit
   Switch(config)# interface range g0/25 - 48
   Switch(config-if-range)# switchport mode access
   Switch(config-if-range)# switchport access vlan 20
   Switch(config-if-range)# exit
   Switch(config)# interface g0/0
   Switch(config-if)# switchport trunk encapsulation dot1q
   Switch(config-if)# switchport mode trunk
   Switch(config-if)# switchport trunk allowed vlan 10,20
   Switch(config-if)# exit

4. Security Configuration:

   To ensure network security, we will implement Access Control Lists (ACLs) to control the traffic between subnets.

   Router(config)# access-list 100 permit ip 192.168.1.0 0.0.0.63 any
   Router(config)# access-list 100 deny ip any any
   Router(config)# access-list 101 permit ip 192.168.1.64 0.0.0.63 any
   Router(config)# access-list 101 deny ip any any
   Router(config)# interface g0/0.1
   Router(config-subif)# ip access-group 100 in
   Router(config-subif)# exit
   Router(config)# interface g0/0.2
   Router(config-subif)# ip access-group 101 in
   Router(config-subif)# exit

5. Internet Access Configuration:

   To provide internet access to both subnets, configure NAT on the router.

   Router(config)# ip nat inside source list 100 interface g0/1 overload
   Router(config)# interface g0/0.1
   Router(config-subif)# ip nat inside
   Router(config-subif)# exit
   Router(config)# interface g0/0.2
   Router(config-subif)# ip nat inside
   Router(config-subif)# exit
   Router(config)# interface g0/1
   Router(config-if)# ip nat outside
   Router(config-if)# exit

This configuration provides a complete network setup that fulfills the company's requirements, ensuring proper subnetting, communication, security, and internet access. For further assistance, consider seeking professional network administration assignment help.