This project demonstrates the design and implementation of a segmented enterprise-style cafe network using Cisco Packet Tracer. The network is structured with VLAN segmentation, inter-VLAN routing (Router-on-a-Stick), DHCP services, and a realistic physical topology.
The goal is to simulate a real-world cafe / small enterprise network infrastructure with proper isolation, scalability, and maintainability.
| VLAN | Name | Network | Purpose |
|---|---|---|---|
| 10 | Misafir | 192.168.10.0/24 | Guest users |
| 20 | Personel | 192.168.20.0/24 | Staff devices |
| 30 | YΓΆnetim | 192.168.30.0/24 | Management systems |
- Router (R1-Kafe) β Inter-VLAN Routing + NAT
- Switch (SW1-Kafe) β VLAN segmentation + Trunking
- DHCP Server / Router DHCP β IP distribution
- Access Point β Wireless extension (optional)
- End Devices β Clients (PCs & Laptops)
Description:
- Shows VLAN segmentation and device relationships
- Router-on-a-stick architecture is clearly visible
- Core (Router + Switch) and Access layer (clients) separation
Description:
- Represents real-world rack layout
- Devices are physically organized (Router, Switch, Server)
- Cabling reflects structured enterprise deployment
Explanation:
- Confirms that the guest laptop receives an IP from VLAN 10
- Validates DHCP pool and VLAN assignment
Explanation:
- Management PC receives correct IP from VLAN 30
- Confirms segmentation is working correctly
Explanation:
- Verifies communication between client and default gateway
- Ensures Layer 3 reachability
Explanation:
- Demonstrates successful routing between VLANs
- Confirms router-on-a-stick configuration
Explanation:
- Validates access to switch management interface (VLAN 30)
Explanation:
- Shows all active DHCP leases
- Confirms multiple VLAN clients receiving IPs
Explanation:
- Displays VLAN assignments and port mappings
- Ensures correct segmentation at Layer 2
Explanation:
- Confirms trunk link between switch and router
- Shows allowed VLANs (10,20,30)
- VLAN creation
- Access port assignment
- Trunk configuration (802.1Q)
vlan 10
name Misafir
vlan 20
name Personel
vlan 30
name Yonetim
interface range fa0/1
switchport mode access
switchport access vlan 10
interface range fa0/2-5
switchport mode access
switchport access vlan 30
interface range fa0/6-11
switchport mode access
switchport access vlan 20
interface gig0/1
switchport mode trunkinterface g0/1.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
interface g0/1.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
interface g0/1.30
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0ip dhcp excluded-address 192.168.10.1 192.168.10.20
ip dhcp excluded-address 192.168.20.1 192.168.20.20
ip dhcp excluded-address 192.168.30.1 192.168.30.20
ip dhcp pool MISAFIR
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8
ip dhcp pool PERSONEL
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8
ip dhcp pool YONETIM
network 192.168.30.0 255.255.255.0
default-router 192.168.30.1
dns-server 8.8.8.8The network was validated using multiple test scenarios.
- Clients successfully received IP addresses from correct VLAN pools
- Devices can reach their default gateway
- Communication between VLANs verified via ICMP
- Switch reachable via management VLAN (VLAN 30)
- Verified across VLANs (no ACL restriction yet)
All test screenshots are located in:
screenshots/
Detailed installation and configuration guide:
- VLAN-based segmentation
- Router-on-a-stick architecture
- DHCP configuration
- Trunking (802.1Q)
- Physical & logical topology modeling
- Scalable design
- ACL implementation (Guest isolation)
- Firewall simulation
- Wireless VLAN segmentation
- Network monitoring (SNMP)
This project successfully simulates a real-world enterprise network environment, demonstrating strong understanding of:
- Layer 2 & Layer 3 networking
- Network segmentation
- Routing principles
- Infrastructure design
PΔ±nar Topuz
Give it a star β on GitHub!