$aayush-acharya
Project 02 · Networking
Multi-VLAN Network Design
Cisco Packet Tracer · VLANs · Inter-VLAN Routing · Layer 3 Switching · 802.1Q Trunking · DHCP · ACLs
Cisco Packet TracerVLANsInter-VLAN RoutingL3 Switching802.1QACLs
← Back to all projects
30 Second Summary

Demonstrates practical networking knowledge — specifically how enterprise networks are segmented to separate traffic types. Network segmentation affects how users connect, why some devices cannot reach others, and how VoIP quality is maintained. Expected knowledge at L2 and above.

VLAN Architecture
VLANNameSubnetPurpose
10Data192.168.10.0/24User PCs and laptops
20VoIP192.168.20.0/24IP phones — isolated for QoS
30Servers192.168.30.0/24File/print servers
40Guest192.168.40.0/24Internet only — ACL isolated
Step-by-Step Breakdown
1
Plan Topology and IP Addressing

Mapped out the full network design before opening Packet Tracer: identified VLAN count, assigned /24 subnets, planned inter-VLAN routing at the Layer 3 switch, decided Guest VLAN would be internet-only via ACL.

2
Build Physical Topology in Packet Tracer
  • 1x Layer 3 switch (Cisco 3560) as core — handles inter-VLAN routing
  • 4x Layer 2 access switches — one per zone, connected via trunk links
  • 1x Router for upstream internet connectivity
  • End devices: PCs, IP phones, laptops, and server in each VLAN
3
Configure VLANs and Assign Ports
  • Created VLANs on all switches: vlan 100, name desktops, vlan 200, name laptops
  • Access ports: switchport mode access, switchport access vlan 100
  • Trunk ports: switchport mode trunk
  • Voice VLAN: switchport voice vlan 20
  • Verified: show vlan brief and show interfaces trunk
4
Enable Inter-VLAN Routing on L3 Switch
  • Created SVIs for each VLAN as the default gateway
  • Example: interface vlan 10ip address 192.168.10.1 255.255.255.0
  • Enabled IP routing: ip routing
  • Default route to router: ip route 0.0.0.0 0.0.0.0 [router IP]
5
Configure Per-VLAN DHCP and Apply Guest ACL
  • Set up DHCP pools on L3 switch for each VLAN — excluded gateway IPs
  • ACL applied inbound on VLAN 40 SVI: denies traffic to internal subnets, permits internet
  • Test: Guest PC → Data VLAN = denied. Guest PC → 8.8.8.8 = permitted.
Proof of Work

Click any image to expand.

Packet Tracer — Network Topology

Packet Tracer — Network Topology

Switch CLI — VLAN 100 & 200 Creation

Switch CLI — VLAN 100 & 200 Creation

show vlan — VLANs Active with Port Assignments

show vlan — VLANs Active with Port Assignments

show vlan — Full Port Assignment Verification

show vlan — Full Port Assignment Verification
Skills Demonstrated
VLAN DesignInter-VLAN RoutingL3 Switching802.1Q TrunkingVoice VLANDHCP PoolsAccess Control ListsCisco IOS CLI
Real-World Link

Mirrors the Cisco Meraki multi-site network at Platinum Hospitality — 9 sites, separate Data/VoIP/Management VLANs.

Related Projects
→ Enterprise M365 E5 Tenant→ Virtual AD & VPN