Academic Works

Overview

Group work - Our Data Communications II class focused heavily on switching concepts like STP and VLANS, and this project was our first tangible experience using lab equipment to build real enterprise networks. This project was particularly challenging because it included an understanding of basic routing to complete.

What I Learned

This project was complicated for my skill level at the time. We needed to implement port security, etherchannel between two office buildings and configure a DHCP server. We segmented the network with VLANs and configured dual ISP failover. We made a lot of mistakes in this project, including messing up our addressing table so it didn't work at first, implementing VLANs incorrectly on the wrong interfaces, and our router didn't work for most of the project. However this project taught me to have patience with my work and have a better mental understanding of the overall network schema.

Configuration Samples

interface Port-channel1
 switchport trunk native vlan 24
 switchport trunk allowed vlan 10,20,24,30,40,50
 switchport mode trunk
 switchport nonegotiate
interface GigabitEthernet1/0/2
 switchport trunk native vlan 24
 switchport trunk allowed vlan 10,20,24,30,40,50
 switchport mode trunk
 switchport nonegotiate
 switchport port-security violation protect
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 38f3.ab13.23b3
 switchport port-security aging time 60
 switchport port-security
 channel-group 1 mode active
interface GigabitEthernet1/0/3
 switchport access vlan 20
 switchport mode access
 switchport nonegotiate
 switchport port-security violation protect
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 38f3.ab13.23b3
 switchport port-security aging time 60
 switchport port-security
 channel-group 1 mode active

interface Port-channel1
 switchport trunk native vlan 24
 switchport trunk allowed vlan 10,20,24,30,40,50
 switchport mode trunk
 switchport nonegotiate
interface GigabitEthernet1/0/2
 switchport trunk native vlan 24
 switchport trunk allowed vlan 10,20,24,30,40,50
 switchport mode trunk
 switchport nonegotiate
 channel-group 1 mode active
interface GigabitEthernet1/0/3
 switchport trunk native vlan 24
 switchport trunk allowed vlan 10,20,24,30,40,50
 switchport mode trunk
 switchport nonegotiate
 channel-group 1 mode active

Screenshots

Overview

Group work - For our winter 2025 capstone project we were tasked with designing a network with two sites connected through an ISP router with encrypted communications using a GRE tunnel, implementing OSPF, configuring ACLs to secure the network and implementing NAT. Our chosen implementation involved three routers; SecureNet, SafeTech and TelCom, and a fourth router was provisioned but not configured called ISP2 as a backup option for the company. A loopback address was configured on the ISP router to simulate a remote webserver endpoint.

What I Learned

Utilizing the GRE tunnel and ACL rules for secure connections, this project taught lessons about efficient address usage, and verifying correct information. Several times our GRE tunnel ended up in a state where it was quasi-working, where each endpoint could contact each other but nobody could each the web server. These sorts of technical troubleshooting processes have taught me a lot about persistence.

Screenshots

Overview

Group work - Throughout this VoIP course we explored configuring PBX servers and calling through them using SIP trunking and dial peers. In this final case study, our group was tasked with meeting a business need for a multi-site VoIP system. The two branch offices were connected via the Headquarters router and each site had it's own PBX server to serve clients locally, and a SIP trunk was configured to allow inter-PBX calls. Each site was configured with two Linphone softphones for testing purposes.

What I Learned

FreePBX OS has quite a learning curve to it, and when combining three PBX instances together across a network it can introduce some issues. Linphones would register to the wrong instances, or DHCP would not be functioning however after correcting some minor issues with our configuration our design held up to the challenge presented and all phones could contact one another.

Screenshots

Overview

Group work - A small business called Mastermind IT Services requires a site-to-site IPSec VPN for their business operations. This VPN was implemented using Cisco Firepower 1010 devices on a custom network built for MITS. Four endpoints were used to verify end-to-end connectivity and test the DMZ functionality required by the company.

What I Learned

Using the Cisco Firepower devices, I learned to configure security groups, security zones and NAT rules alongside reinforcing existing concepts for access control lists and DMZ isolation. The web server in this case proved interesting as because our Firepower was using a fake ISP stand-in with a loopback at the other end to simulate our backend, it was looking for updates to rules. We found out that sometimes in a lab environment, the best update mode is off.

Screenshots

Overview

For this project I was tasked with creating a simple Active Directory domain using Windows Server 2022 GUI. I configured spencer.com, added some users (including a non root admin user) and created a nested network fileshare with NTFS permissions configured. On one of the servers IIS was configured along with an iSCSI virtual disk for easy sharing across the network. On the domain controller, DNS and DHCP roles were configured.

What I Learned

Many existing concepts were reinforced with continual good practice, such as configuring a non root admin user, file share permissions, and Windows Server ADDS and IIS configuration. During this particular project, my VMWare vNet corrupted and needed to be reset which was a learning experience unto itself.

Screenshots

Overview

A basic network was built and used as a baseline for GPO configurations to be tested, certificates to be deployed, monitored by remote tools like Windows Admin Centre and RSAT. Disk quotas and data deduplication were configured on NTFS file shares for company use. Four VMs would be used for this project. Three would be servers with the ADDS, DNS, DHCP, ADCS and File Server roles, with an admin workstation added for remote adminisitration.

What I Learned

Windows Server ADCS can be difficult to use, but eventually I got the hang of template deployment. Core skills were refined further, adding complexity with RSAT and WAC tool.s Though this project was run on VMWare workstation, students were prevented from using the console to access servers, instead after post installation tasks were performed remote administration was configured.

Screenshots

Overview

In this project, a storage layout was planned manually for later LVM implementation. A second storage drive was added repliicating the first to combine the two drives using LVM. User disk quotas were used to ensure compliance with write policy. Implementing the layout, each drive was about 20 GiB and was mounted before the LVM was created.

What I Learned

This specific project took a bit of practice on different vmdisks but learning to correctly partition and plan a harddisk layout has allowed me to apply that thinking to other OS like Windows, and to keep my storage layout in mind including file systems. In this project, I decided to go with 4 partitions, with 3 dedicated to file needs and 1 for swap.

Screenshots

Overview

Using a small network created locally on our VMWare workstation hosts, I needed to create a failover cluster using Windows Server 2022 and a HyperV environment. An ADDS environment was used in the background to provide DNS services; needed for HyperV and two HyperV servers were used as access nodes. A drive was configured on the domain controller which would act as an iSCSI target for the SAN used to host ISO images and vmdisks for the HyperV servers. Features such as multipath I/O, and failover clustering were installed on both HyperV servers.

What I Learned

Virtualization technology can be finnicky and in this project the most issues I experienced were due to the Windows environment not playing nicely with running nested virtualization roles. I overcame these issues with careful workarounds, some involving bypassing core isolation to make it function. Once the servers were functional with the HyperV roles it was a matter of creating the SAN which was important for the cluster, and bringing the volumes online and adding them to the failover cluster. Most of these tasks were GUI related, but having hands on experience with these virtualization tools was invaluable.

Screenshots

Overview

Group work - HyperV Replica is a feature of Windows Server HyperV which allows for the replication of virtual machines across the intranet or internet. Replica is primarily a disaster recovery tool used for quick response to workload disruption, and in this project we were tasked with demonstrating a live migration of a HyperV VM from one simulated site to another using our lab LAN. This allowed for an emulated network layer between our VMWare Workstation clients to provide some friction for the replica.

What I Learned

HyperV Replica was straightforward to configure. The primary focus of this project was the research about the protocols and process involved, specifically during the live migration we gained an appreciation for the complexity required to move operating systems with ease. Most of our learning was done in the configuration steps, where we configured multi-path I/O and Replica. We also learned that should the VM experience a failure an administrator would need to intervene to manually invoke the replication, which could be unacceptable downtime in some circumstances. Features like High Availability would be better suited to address that need.

Overview

Description of the project.

What I Learned

What I learned.

Configuration Samples

#!/bin/bash

# Export log file
LOG="/var/log/sysm.log"

exec >> "$LOG"
exec 2>&1

# Finds logs to delete
find /tmp -type f -atime +7 -delete

# Find updates
apt update
apt upgrade -y

echo "Maintenance completed at $(date)"

echo "Begin RSync replica to backup server..."
echo "Backup /SHARE6/"
echo "Destination share@192.168.100.12:/SHARE6/"
echo ""
/usr/bin/rsync -avz --delete -e 'ssh -p 2222' /SHARE6/ share@192.168.100.12:/SHARE6/

Overview

Group work - Using a sandbox environment, we were tasked with configuring a VPC, web server, S3 static website hosting, and use CloudFormation to deploy Wordpress on an EC2 instance.

What I Learned

Many of these tasks were review from previous labs in this course, however this was one of the first times that I used AWS systems without the guardrails of a formal lab environment. The lab included several elements which are cloud deployment fundamentals such as VPC configuration, and S3 static hosting and we used instructor provided files to deploy our Wordpress stack.

Screenshots

Overview

Description of the project.

What I Learned

What I learned.

Overview

This project was fairly straightforward, and applied basic systems administration principles and the PowerShell used throughout the course to automate the deployment of Windows Active Directory Domain Services using SSH and PowerShell. File shares were created and permissions tested to verify security.

What I Learned

Completing a familiar task using only PowerShell commands reinforced existing understandings of ADDS concepts and allowed me a much better understanding of how the forest is created under the hood. This project also allowed me to create my own ADDS script to automate deployment of these types of servers in the future, greatly increasing efficiency.

Screenshots

Overview

Description of the project.

What I Learned

What I learned.

Overview

Description of the project.

What I Learned

What I learned.

Overview

Description of the project.

What I Learned

What I learned.