Enterprise Campus Network Design – Tanta University

Enterprise Campus Network Design – Tanta University

This project showcases the design and implementation of a scalable, secure, and high-availability enterprise network for Tanta University in Egypt. The university operates across two campuses located approximately 160 kilometers apart—Cairo and Beni Suef. The goal was to provide robust inter-campus connectivity while ensuring reliable internal communication, network segmentation, and secure access across all departments.

Key Features & Implementations

Network Topology & Device Configuration

Designed the complete network topology using Cisco Packet Tracer.

Configured core, distribution, and access layer devices with secure remote access (SSH) and management protocols.

VLAN Implementation & Inter-VLAN Routing

Created VLANs for departments such as HR, Finance, IT, and Guest.

Implemented Inter-VLAN Routing on Layer 3 switches to allow secure communication between departments.

Assigned IP interfaces and implemented DHCP services for dynamic addressing.

Redundancy was established by deploying backup DHCP servers at each campus.

Wireless LAN Infrastructure

Configured Wireless LAN Controllers (WLCs) and Lightweight Access Points (LAPs).

Ensured seamless connectivity between wired and wireless networks with unified IP addressing and SSIDs.

Dynamic Routing & Layer 3 Protocols

Implemented OSPF across routers and switches for efficient route propagation.

Configured Hot Standby Router Protocol (HSRP) to provide gateway redundancy.

Applied IP DHCP Helper Addresses for VLANs to ensure proper IP allocation from central servers.

Access Control & Network Security

Deployed Standard and Extended ACLs to secure inter-VLAN communication and restrict Guest VLAN access.

Enabled remote access via SSH with restricted access using ACLs.

Subnetting & Address Management

Designed an efficient subnetting scheme to minimize IP wastage and ensure optimized traffic flow.

Segmented the network into logical subnets for WLAN, LAN, Management, and DMZ zones.

High Availability & Redundancy Mechanisms

Utilized EtherChannel and Spanning Tree Protocol (STP) to ensure link redundancy and loop prevention.

Implemented VRRP/HSRP on core switches for failover and continuous service availability.

Testing & Documentation

Conducted full end-to-end testing for DHCP, routing, wireless connectivity, and ACL enforcement.

Prepared network diagrams, addressing tables, and configuration documentation for review and future reference.

Technologies Used:

Cisco Packet Tracer

VLANs, OSPF, HSRP, ACLs

DHCP, SSH, EtherChannel, STP

WLC + LAP wireless infrastructure

Subnetting & IP Address Planning