Network Design on Cisco Packet Tracer 6

NETWORK DESIGN USING ACCESS CONTROLS AND VOIP

Saurav Kumar Pandey

CONTENTS
• Abstract
• Network Topology
• Frame-Relay
• DHCP
• Routing Protocol
• VLAN
• Telnet
• ACL
• VoIP


ABSTRACT

• To deploy well-designed computer networks supporting converged applications of data, audio, and video.
• To support better performance, resilience, security, and maintainability.
• To propose a network model that can be implemented in different network environments and can also be used to implement a MAN or WAN.
• Voice over Internet Protocol technology allows a phone call to be made over an Internet connection or a dedicated network that uses the IP protocol, rather than over the normal telephone line.
• This saves bandwidth. Data packets containing voice information are routed over the network, encoded in digital form.
• To filter and check unauthorized traffic that travels across the network.
• The major objective of this network design is to allow only genuine users to access the network and to prevent intruders from accessing it.

NETWORK TOPOLOGY

Network description

• This network has a total of 3 locations: 1 Head office, and the other two are Branch office-A and Branch office-B.
• The routers used are 2811.
• 2960 switches have been chosen.
• PCs have been added, as voice functionality can be added to them if desired, to check whether the networks can ping each other, and for various operational functions.
• An IPv4 addressing scheme has been kept for the various networks.
• The Head office and Branch office-A are connected via a leased line (Frame Relay).

Router configuration

Router1
Router>en
Router#conf t
! Serial link to Router2 (192.168.0.0/24)
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.0.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
! Serial link to Router3 (192.168.1.0/24)
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.1.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shut
Router(config-if)#exit
! LAN interfaces
Router(config)#int f0/0
Router(config-if)#ip addr 172.21.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.20.0.1 255.255.0.0
Router(config-if)#no shut

Router2
Router>en
Router#conf t
! Serial link to Router1 (192.168.0.0/24)
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.0.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
! Serial link to Router3 (192.168.2.0/24)
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.2.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shut
Router(config-if)#exit
! LAN interfaces
Router(config)#int f0/0
Router(config-if)#ip addr 172.17.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.16.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit

Router3
Router>en
Router#conf t
! Serial link to Router1 (192.168.1.0/24)
Router(config)#int s0/3/0
Router(config-if)#ip addr 192.168.1.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
! Serial link to Router2 (192.168.2.0/24)
Router(config)#int s0/2/0
Router(config-if)#ip addr 192.168.2.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
! LAN interfaces
Router(config)#int f0/0
Router(config-if)#ip addr 172.19.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/1
Router(config-if)#ip addr 172.18.0.1 255.255.0.0
Router(config-if)#no shut
Router(config-if)#exit

Frame-Relay



Frame relay is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN). Frame relay puts data in a variable-size unit called a frame and leaves any necessary error correction (retransmission of data) up to the end-points, which speeds up overall data transmission.

Frame-relay configuration

Router1 (frame-relay)
Router(config)#int s0/2/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#frame-relay interface-dlci 102
Router(config-if)#no shut

Router3 (frame-relay)
Router(config)#int s0/2/0
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type cisco
Router(config-if)#frame-relay interface-dlci 201
Router(config-if)#no shut

DHCP

DHCP Config.

Router1
Router(config)#ip dhcp pool R1
Router(dhcp-config)#network 172.20.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.20.0.1
Router(dhcp-config)#exit

Router2
Router(config)#ip dhcp pool R2
Router(dhcp-config)#network 172.17.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.17.0.1
Router(dhcp-config)#exit

Router3
Router(config)#ip dhcp pool R3
Router(dhcp-config)#network 172.19.0.0 255.255.0.0
! The default router must be inside the pool's subnet: Router3 f0/0 is 172.19.0.1
Router(dhcp-config)#default-router 172.19.0.1
Router(dhcp-config)#exit

RIP (ROUTING INFORMATION PROTOCOL)

• It is a dynamic routing protocol.
• RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination. The maximum number of hops allowed for RIP is 15.

RIP Config.

Router1
Router(config)#router rip
Router(config-router)#network 192.168.0.0
Router(config-router)#network 192.168.1.0
Router(config-router)#network 172.20.0.0
Router(config-router)#network 172.21.0.0

Router2
Router(config)#router rip
Router(config-router)#network 192.168.0.0
Router(config-router)#network 192.168.2.0
Router(config-router)#network 172.16.0.0
Router(config-router)#network 172.17.0.0

Router3
Router(config)#router rip
Router(config-router)#network 192.168.1.0
Router(config-router)#network 192.168.2.0
Router(config-router)#network 172.18.0.0
Router(config-router)#network 172.19.0.0

VLAN


In computer networking, a single layer-2 network may
be partitioned to create multiple distinct broadcast
domains, which are mutually isolated so that packets
can only pass between them via one or more routers;
such a domain is referred to as a Virtual Local Area
Network, Virtual LAN or VLAN.

VLAN config.

Switch1
Switch>en
Switch#conf t
Switch(config)#vlan 2
Switch(config-vlan)#name HR
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#name AC
Switch(config-vlan)#exit
Switch(config)#vlan 2
Switch(config-vlan)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#vlan 3
Switch(config-vlan)#int f0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#int f0/6
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#int f0/2
Switch(config-if)#switchport mode trunk
(trunk is used to connect one switch with another switch)

Switch7
Switch(config)#vlan 2
Switch(config-vlan)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#int f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit
Switch(config)#vlan 3
Switch(config-vlan)#int f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#int f0/5
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
Switch(config)#int f0/1
Switch(config-if)#switchport mode trunk

TELNET


Telnet is a user command and an
underlying TCP/IP protocol for
accessing remote computers. Through
Telnet, an administrator or another
user can access someone else's
computer remotely.

Telnet configuration on Router2 & Router3

Router2
Router(config)#line vty 0 4
Router(config-line)#password ccna1
Router(config-line)#login
Router(config-line)#exit
Router(config)#enable password ccie

Router3
Router(config)#line vty 0 4
Router(config-line)#password ccna2
Router(config-line)#login
Router(config-line)#exit
Router(config)#enable password ccie1

Accessing router 2
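
Telnet and `enable password` both leave credentials in cleartext, on the wire and in the stored configuration respectively. The audit below is an added example, not part of the original slides: it flags those settings in Router2's lines from above and passes a constructed hardened variant. The finding names, the `username admin` account and the placeholder secrets are assumptions.

```python
# Router2's management-plane lines from the slides, written as running-config.
SLIDE_CONFIG = """\
line vty 0 4
 password ccna1
 login
enable password ccie
"""
# Constructed hardened variant (assumes SSH keys exist; secrets are placeholders).
HARDENED_CONFIG = """\
enable secret <placeholder>
username admin secret <placeholder>
line vty 0 4
 login local
 transport input ssh
"""

def vty_blocks(config):
    """Return the indented sub-commands of each 'line vty' block."""
    blocks, current = [], None
    for raw in config.splitlines():
        if raw.startswith("line vty"):
            current = []
            blocks.append(current)
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:
            current = None
    return blocks

def audit(config):
    """Return a list of finding names for weak management-plane settings."""
    findings = []
    top = [l for l in config.splitlines() if not l.startswith(" ")]
    # 'enable password' is kept readable in the config; 'enable secret' is hashed.
    if (any(l.startswith("enable password") for l in top)
            and not any(l.startswith("enable secret") for l in top)):
        findings.append("enable-password-without-secret")
    for cmds in vty_blocks(config):
        transports = [c.split()[2:] for c in cmds if c.startswith("transport input")]
        # Assumption: no 'transport input' line means Telnet is accepted,
        # which is how the routers in the slides behave.
        if not transports or {"telnet", "all"} & set(transports[-1]):
            findings.append("vty-accepts-telnet")
        if any(c.startswith("password ") for c in cmds) and "login" in cmds:
            findings.append("vty-shared-line-password")
    return findings

if __name__ == "__main__":
    print(audit(SLIDE_CONFIG), audit(HARDENED_CONFIG))
```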

ACL (Access Control Lists)


ACLs are basically a set of commands, grouped together by a number or name, that is used to filter traffic entering or leaving an interface. An access control list (ACL) is a table that tells a computer operating system which access rights each user has to a particular system object.

Restricting PC10 from accessing Router2 via Telnet

Router3 (extended ACL)
! Deny Telnet (TCP 23) from PC10 (172.19.0.2) to the listed Router2 addresses, permit everything else
Router(config)#access-list 101 deny tcp host 172.19.0.2 host 192.168.2.1 eq 23
Router(config)#access-list 101 deny tcp host 172.19.0.2 host 172.17.0.1 eq 23
Router(config)#access-list 101 deny tcp host 172.19.0.2 host 192.168.0.2 eq 23
Router(config)#access-list 101 permit ip any any
! Apply inbound on f0/0, the interface facing PC10's LAN
Router(config)#int f0/0
Router(config-if)#ip access-group 101 in
Router(config-if)#exit

Restriction in accessing Telnet through PC10
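
The first-match evaluation of ACL 101, as an added example that is not part of the original slides: it checks Telnet (TCP 23) from PC10 against each of Router2's four interface addresses from the router configuration above. The function names are illustrative, and only the `host`, `any`, wildcard and `eq` forms are parsed.

```python
from ipaddress import IPv4Address

# ACL 101 as configured on Router3 in the slides.
ACL_101 = """\
access-list 101 deny tcp host 172.19.0.2 host 192.168.2.1 eq 23
access-list 101 deny tcp host 172.19.0.2 host 172.17.0.1 eq 23
access-list 101 deny tcp host 172.19.0.2 host 192.168.0.2 eq 23
access-list 101 permit ip any any
"""
# Router2's interface addresses, taken from its interface configuration.
ROUTER2_ADDRS = ["192.168.0.2", "192.168.2.1", "172.17.0.1", "172.16.0.1"]
PC10 = "172.19.0.2"
MASK32 = 0xFFFFFFFF

def take_spec(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, MASK32
    if first == "host":
        return int(IPv4Address(tokens.pop(0))), 0
    return int(IPv4Address(first)), int(IPv4Address(tokens.pop(0)))

def parse_rule(line):
    _, _, action, proto, *rest = line.split()  # skip "access-list <number>"
    src, dst = take_spec(rest), take_spec(rest)
    port = int(rest[1]) if rest[:1] == ["eq"] else None
    return action, proto, src, dst, port

def hits(addr, spec):
    # Wildcard bits set to 1 are "don't care"; all other bits must equal base.
    return (int(IPv4Address(addr)) ^ spec[0]) & ~spec[1] & MASK32 == 0

def evaluate(acl_text, proto, src, dst, dport):
    """Return the action of the first matching entry (IOS first-match order)."""
    for line in acl_text.splitlines():
        action, rule_proto, rule_src, rule_dst, port = parse_rule(line)
        if (rule_proto in ("ip", proto) and hits(src, rule_src)
                and hits(dst, rule_dst) and port in (None, dport)):
            return action
    return "deny"  # implicit "deny ip any any" that ends every IOS ACL

def telnet_audit():
    """Decision of ACL 101 for TCP/23 from PC10 to each Router2 address."""
    return {dst: evaluate(ACL_101, "tcp", PC10, dst, 23) for dst in ROUTER2_ADDRS}

if __name__ == "__main__":
    for dst, action in telnet_audit().items():
        print(f"{PC10} -> {dst}:23 {action}")
```

Router2's f0/1 address 172.16.0.1 has no deny entry, so it falls through to `permit ip any any`. Filtering by source on Router2's own vty lines with `access-class` does not depend on listing every interface address.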

Restricting PC10 from accessing network 172.20.0.0

Router1 (standard ACL)
! Drop traffic sourced from PC10 (172.19.0.2) as it leaves f0/1 towards 172.20.0.0
Router(config)#access-list 1 deny host 172.19.0.2
Router(config)#access-list 1 permit any
Router(config)#int f0/1
Router(config-if)#ip access-group 1 out
Router(config-if)#exit

Restriction in accessing the network through PC10

VOIP


Voice over IP (voice over Internet
Protocol, VoIP) is a methodology and
group of technologies for the delivery
of voice communications and
multimedia sessions over Internet
Protocol (IP) networks, such as the
Internet.

Protocols in VoIP
• DHCP
• CALL MANAGER EXPRESS
• PHONE DIRECTORY
• DIAL PEER CONFIGURATION


DHCP Config. in VoIP

Router1
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.21.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.21.0.1
Router(dhcp-config)#option 150 ip 172.21.0.1
Router(dhcp-config)#exit

Router2
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.16.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.16.0.1
Router(dhcp-config)#option 150 ip 172.16.0.1
Router(dhcp-config)#exit

Router3
Router(config)#ip dhcp pool voice
Router(dhcp-config)#network 172.18.0.0 255.255.0.0
Router(dhcp-config)#default-router 172.18.0.1
Router(dhcp-config)#option 150 ip 172.18.0.1
Router(dhcp-config)#exit

Call Manager Express config.

Router1
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.21.0.1 port 2000
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit

Router2
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.16.0.1 port 2005
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit

Router3
Router(config)#telephony-service
Router(config-telephony)#max-dn 5
Router(config-telephony)#max-ephones 5
Router(config-telephony)#ip source-addr 172.18.0.1 port 2010
Router(config-telephony)#auto assign 4 to 6
Router(config-telephony)#auto assign 1 to 5
Router(config-telephony)#exit

Switch0
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit

Switch5
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit

Switch4
Switch(config)#int range f0/1-5
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport voice vlan 1
Switch(config-if-range)#exit

Phone Directory config.

Router1
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 1101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 1102
Router(config-ephone-dn)#exit

Router2
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 2101
Router(config-ephone-dn)#exit
! Second directory number needs its own ephone-dn tag, as on Router1
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 2102
Router(config-ephone-dn)#exit

Router3
Router(config)#ephone-dn 1
Router(config-ephone-dn)#number 3101
Router(config-ephone-dn)#exit
Router(config)#ephone-dn 2
Router(config-ephone-dn)#number 3102
Router(config-ephone-dn)#exit

Dial-Peer config.

Router1
Router(config)#dial-peer voice 1 voip
Router(config-dial-peer)#destination-pattern 2...
Router(config-dial-peer)#session target ipv4:192.168.0.2
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 2 voip
Router(config-dial-peer)#destination-pattern 3...
Router(config-dial-peer)#session target ipv4:192.168.1.2
Router(config-dial-peer)#exit

Router2
Router(config)#dial-peer voice 3 voip
Router(config-dial-peer)#destination-pattern 1...
Router(config-dial-peer)#session target ipv4:192.168.0.1
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 5 voip
Router(config-dial-peer)#destination-pattern 3...
Router(config-dial-peer)#session target ipv4:192.168.2.2
Router(config-dial-peer)#exit

Router3
Router(config)#dial-peer voice 4 voip
Router(config-dial-peer)#destination-pattern 1...
Router(config-dial-peer)#session target ipv4:192.168.1.1
Router(config-dial-peer)#exit
Router(config)#dial-peer voice 6 voip
Router(config-dial-peer)#destination-pattern 2...
Router(config-dial-peer)#session target ipv4:192.168.2.1
Router(config-dial-peer)#exit

Dialing phone

Connected phone

Benefits of VoIP
• The call cost is lower, especially over long distances.
• The infrastructure costs are lower: once it is available, any IP network infrastructure is all that is required.
• This saves bandwidth. Data packets containing voice information are routed over the network, encoded in digital form.

