Let's face it, most modern-day businesses are dependent on reliable, network-based communications to operate. Email, phones, and file sharing all require a network to function. That is why there is an entire field of information technology dedicated to designing, configuring, and maintaining networks.
As a cybersecurity professional, think about how the network plays a role in the field. Networks are fundamentally built to get information from one place to another. In information technology, a network is a group of interconnected devices that share information across a physical medium. That information is often critical to stakeholders and could include social security numbers, financial statistics, conversations with contractors, credit card numbers, protected health information (PHI), and other highly confidential information. Systems that process data are typically servers found on the premises of the local network, otherwise known as on-prem, or on the internet with cloud-based service providers. Data is provided to the servers by sending it across the network through packet switching.
When a threat actor compromises a network, there are several adverse effects. For example, consider a standard home router. In most households this is the central location for all network communications. Threat actors could redirect all traffic to their own websites to install malware on the connected devices and view usernames and passwords traversing the network. They could also shut off LAN/WAN interfaces or deny access to certain devices, compromising availability. Thus, it is imperative for professionals to understand how networks work.
Welcome to the first part of the Step-By-Step Networking series! This series will show you how networks operate by practically configuring our very own network. While you are not expected to be an expert, a basic understanding of network functionality is required. However, each component will be explained throughout the series.
Today we'll cover the network that we will be configuring as well as the tools we'll be using throughout the series. Then we'll go over fundamental information you will need to know before getting started.
Above is the network we will be configuring. In total we have 8 devices with 5 subnets and 5 VLANs. Below is a full list of devices with their logically set hostnames:
• 1 Cisco 2811 Integrated Services Router (RTR01)
• 2 Cisco Catalyst 3650 24 Port PoE Switches (SW01 & SW02)
• 2 Cisco 7960 SIP IP Phones (FINPH01 & ITPH01)
• 1 Server (DCSRV01)
• 2 Desktop PCs (FINPC01 & ITPC01)
IT and Finance are our two major departments, accompanied by a datacenter for housing the organization's servers. Below is a list of subnets and matching VLANs we will be using for each network. I have chosen a Class C IP address scheme for simplicity, but note that real-world organizations may use a Class A IP address scheme:
• IT Department
  ◦ 192.168.40.0/24 - Data VLAN 40
  ◦ 192.168.41.0/24 - Voice VLAN 41
• Finance Department
  ◦ 192.168.20.0/24 - Data VLAN 20
  ◦ 192.168.21.0/24 - Voice VLAN 21
• Datacenter
  ◦ 192.168.60.0/24 - Data VLAN 60
The server in the datacenter will act as a DHCP server for desktop clients and an NTP server for the router, while the router will act as both DHCP server and call manager for the IP phones. The router has 5 virtual interfaces for inter-VLAN routing and will only forward DHCP requests from the desktops. Below is our list of objectives:
• Phones must be powered through PoE
• Departments must be logically separated
• Desktops must obtain automatic IP addresses from the datacenter
• Desktops must be able to ping each other
• Phones must obtain automatic IP addresses from the router
• Phones must be able to communicate with directory numbers assigned by department
• Time must be sourced from the datacenter
This is a basic set of objectives, but it requires an extensive understanding of routing, switching, and VoIP configuration. We'll go over each configuration step-by-step and have a fully functional local area network (LAN) that supports data and telephony by the time we're finished.
Later in the series, we'll also talk about securing the network with port security and access control lists (ACLs).
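The addressing plan and DHCP rules above can be checked and turned into router subinterface configuration before anything is built in Packet Tracer. The following is an added example, not part of the original series: the parent interface name, the ".1" gateway convention, and the DHCP server address 192.168.60.10 are assumptions chosen for illustration.

```python
import ipaddress
from itertools import combinations

# Addressing plan copied from the article: (department, role, VLAN ID, subnet).
PLAN = [
    ("IT", "data", 40, "192.168.40.0/24"),
    ("IT", "voice", 41, "192.168.41.0/24"),
    ("Finance", "data", 20, "192.168.20.0/24"),
    ("Finance", "voice", 21, "192.168.21.0/24"),
    ("Datacenter", "data", 60, "192.168.60.0/24"),
]

# Assumptions, not values from the article.
PARENT_IF = "FastEthernet0/0"                        # trunk-facing router port
DHCP_SERVER = ipaddress.ip_address("192.168.60.10")  # constructed address for DCSRV01

def validate(plan):
    """Return a list of problems: duplicate VLAN IDs or overlapping subnets."""
    problems = []
    vlans = [row[2] for row in plan]
    for v in sorted(set(vlans)):
        if vlans.count(v) > 1:
            problems.append(f"VLAN {v} used more than once")
    nets = [(row[2], ipaddress.ip_network(row[3])) for row in plan]
    for (va, na), (vb, nb) in combinations(nets, 2):
        if na.overlaps(nb):
            problems.append(f"VLAN {va} {na} overlaps VLAN {vb} {nb}")
    return problems

def needs_relay(role, net):
    """Relay only desktop (data) VLANs that do not already contain the server."""
    return role == "data" and DHCP_SERVER not in net

def subinterfaces(plan):
    """Render one 802.1Q subinterface per VLAN, lowest VLAN ID first."""
    lines = []
    for _dept, role, vlan, cidr in sorted(plan, key=lambda r: r[2]):
        net = ipaddress.ip_network(cidr)
        gateway = net.network_address + 1  # assumed gateway: first host address
        lines += [f"interface {PARENT_IF}.{vlan}",
                  f" encapsulation dot1Q {vlan}",
                  f" ip address {gateway} {net.netmask}"]
        if needs_relay(role, net):
            lines.append(f" ip helper-address {DHCP_SERVER}")
        lines.append("!")
    return lines

if __name__ == "__main__":
    print(validate(PLAN) or "\n".join(subinterfaces(PLAN)))
```

Only the Finance and IT data VLANs receive a relay statement: the voice VLANs are served by the router itself, and the datacenter VLAN already contains the server.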
As you have probably guessed, this series is going to revolve around Cisco devices. The only tool we will need for this series is Cisco Packet Tracer; however, downloading it does require creating an account with the Cisco Networking Academy.
Cisco Packet Tracer is an excellent free tool for learning and practicing networking skills and can serve as a test environment as well. If you want to know how data will flow in your newly designed network, configuring it in Packet Tracer will give you a decent overview of what that will look like. The interface can be daunting for beginners, but is relatively simple to navigate after giving it some time.
To download, go to https://www.netacad.com/courses/packet-tracer and choose "Login" on the top right of the page. You will be presented with a screen similar to the screenshot below.
Click "Sign Up" and follow the directions to create an account. You should be prompted for the information below:
As I already have an account, I will skip this process and log into the account I have already created.
Once your account is created, go to "Resources" on the top of the screen and click on "Download Packet Tracer" as shown:
Scroll down and you should see a link to download the program based on your operating system and architecture. There will also be a link to an end-user license agreement.
Once downloaded, run the installer and select all default settings or specify them as necessary. You will then be able to open Packet Tracer, which will bring you to a prompt to sign in once again:
Selecting "Network Academy" will open your browser to Cisco's login page. Log in with the account you created. Cisco will tell you that you have successfully logged in. Close the browser and open the Packet Tracer window.
If you have made it to the screenshot above, you have successfully installed Cisco Packet Tracer!
There aren't many prerequisites to this series as each and every component will be explained as we move along with the project. However, you must understand the basic functionality of a network and how computers operate. For example, if you are unfamiliar with the OSI model and do not know the difference between layer 3 and layer 2, it will only help you to go back and study up on networks before diving head first into configuring IP addresses and VLANs.
Since you need to know how to use Packet Tracer to complete the project, let's go over the user interface for the program. Explaining each feature is a lesson in itself, so this will be a brief overview of the most important parts of the interface.
Navigating Cisco Packet Tracer
If this is your first time using Packet Tracer, the user interface may seem a bit daunting. However, after spending time with the program you will learn that the most important parts of the interface have been organized according to their purpose.
In the bottom left, you will see all categories available to you for designing your topology. The top section lists broad categories such as network devices and endpoints, while the lower section gives you subcategories such as routers and switches as shown below.
To the right of these categories are all of the available devices or connections that can be placed on the main screen. To place a device, click on it and then click on the space where you'd like to place it. You can also use the click-and-drag method.
When choosing a connection in the "Connections" category, selecting a cable then selecting a device will give you a list of interfaces to plug into. Select the interface and do the same for the other end of the cable.
Selecting the device will give you configuration information, a physical view, and access to a CLI in most cases. Use the tabs on the top to navigate through.
On the top left of the screen you can find tabs to save your work, delete a device, place a note, undo/redo an action, or draw shapes.
On the bottom right of the screen you will find a fantastic feature that lets you swap between Realtime mode and Simulation mode. Simulation mode will allow you to view each packet in transit and see the traffic flow step by step. Realtime mode will allow the network to function just as if it were a real network.
For now, that is all you need to know about Packet Tracer to get started! For more training, Cisco offers Packet Tracer labs that walk you through exactly how to utilize the program to its full potential. I highly encourage you to enroll in these courses as they will enhance your understanding.
Today I went over the network we will be making over the course of this series. Then we installed Cisco Packet Tracer and reviewed the user interface.
In the next post we will work on setting up physical connections and talk about some of the standards that define those connections.