OMAR61-eng/multi-protocol-network-security-lab

GitHub: OMAR61-eng/multi-protocol-network-security-lab

Stars: 0 | Forks: 0

# 🌐 Multi-Protocol Network Security Lab ![Cisco Packet Tracer](https://img.shields.io/badge/Cisco-Packet%20Tracer-1BA0D7?logo=cisco) ![OSPF](https://img.shields.io/badge/Protocol-OSPF-blue) ![HSRP](https://img.shields.io/badge/Redundancy-HSRP-green) ![ACL](https://img.shields.io/badge/Security-ACL-red) A fully functional enterprise network simulation for **GlobalCorp**, connecting three branch offices through a redundant HQ backbone with multi-protocol routing and layered security policies. ## 📋 Project Overview This lab simulates a real-world enterprise network with: - **Branch A** (Finance Dept) — EIGRP AS 100 | R3 | PC1 & PC3 - **Branch B** (Sales Dept) — RIPv2 | R4 | PC2 - **HQ Core** (R1 Active + R2 Standby) — OSPF Area 0 + HSRP VIP: 192.168.1.1 - **Server Farm** — Protected by Extended ACLs via R2 - **Internet** — ISP (R5) as DHCP server + default gateway ## 🗺 Topology ![Network Topology](https://raw.githubusercontent.com/OMAR61-eng/multi-protocol-network-security-lab/main/screenshots/topology.png) ## 📡 IP Addressing Table | Device | Interface | IP Address | Role | |--------|-----------|------------|------| | R1 (HQ Active) | Gi0/0 | 192.168.1.2/24 | HSRP Active | | R2 (HQ Standby) | Gi0/0 | 192.168.1.3/24 | HSRP Standby | | R3 (Branch A) | Gi0/0 | 192.168.3.1/24 | Finance Gateway | | R4 (Branch B) | Gi0/0 | 192.168.4.1/24 | Sales Gateway | | R5 (ISP) | Gi0/1 | 203.0.113.1/24 | ISP Gateway | | HSRP VIP | — | 192.168.1.1 | Virtual Gateway | ## ⚙️ Key Configurations - **OSPF Area 0** between R1 & R2 (Router-IDs: 1.1.1.1 / 2.2.2.2) - **HSRP Group 1**: R1 Priority 150 Active | R2 Priority 100 Standby | Preempt enabled - **Static Route Glue** (no redistribution): R1→Sales, R2→Finance, R3/R4→Default - **ACL 1** FINANCE-PROTECT on R3 Se0/0/0 inbound - **ACL 2** SERVER-LOCKDOWN on R2 Gi0/1 inbound ## 🔐 Security Policy | Rule | Source | Destination | Action | |------|--------|-------------|--------| | ACL1-1 | Sales 192.168.4.0/24 | PC1 192.168.3.10 | ❌ DENY | | ACL1-2 | Any | Any | ✅ PERMIT | | ACL2-1 | Admin PC 192.168.20.10 | Any | ✅ PERMIT | | ACL2-2 | Sales 192.168.4.0/24 | Any | ✅ PERMIT | | ACL2-3 | PC1 Finance | Server HTTP/80 | ❌ DENY | | ACL2-4 | Any | Any | ✅ PERMIT | ## ✅ Verification Results ![HSRP Verification](https://raw.githubusercontent.com/OMAR61-eng/multi-protocol-network-security-lab/main/screenshots/hsrp-verification.png) - ✓ OSPF Neighbor: R1↔R2 FULL/DR - ✓ HSRP: R1 Active (150) | R2 Standby (100) | VIP 192.168.1.1 - ✓ End-to-end connectivity across all segments - ✓ ACL1: PC2→PC1 Blocked | PC2→PC3 Allowed - ✓ ACL2: PC1 HTTP Blocked | PC3 HTTP Allowed | ICMP Always Allowed ## 🛠 Tools Used - Cisco Packet Tracer 8.x - Cisco 2911 Routers (x5) - Cisco 2960 Switches (x3)