Yeah, lots of work haha
Found the fiber connection for multi-layer switch, but I don't know what to do for the configuration, can you help me with that?

Hello @Consolacion 

Literraly speaking...

To configure a network that balances load between two ISPs and segments traffic using VLANs, a step-by-step approach can help achieve both load balancing and secure network segmentation.

The network design involves two ISPs connected to a central router, with multiple access points providing internet access across the network. Multilayer switches will be used for inter-VLAN routing, ensuring that different network segments can communicate as needed.

First, VLANs need to be configured on the multilayer switches to segregate traffic. For this setup, VLAN 10 can be designated for faculty and VLAN 20 for students...example. VLANs can be created on the switches, and then the ports connected to devices belonging to these groups should be assigned to the corresponding VLAN. For example, ports connected to faculty devices should be assigned to VLAN 10, while ports connected to student devices should be assigned to VLAN 20. This segmentation ensures that traffic remains isolated, providing better security and network management.

Next, configure inter-VLAN routing on the multilayer switches to enable communication between different VLANs. This involves creating swith virtual interfaces (SVI) for each VLAN, assigning IP addresses to the VLAN interfaces to serve as the default gateways for devices in those VLANs. The switches should have routing enabled to perform inter-VLAN routing. Additionally, configure trunking on the uplinks between the switch and the central router, ensuring that traffic from multiple VLANs can pass through.

For load balancing, the central router should be configured to distribute traffic across both ISPs. One approach is to use static routes with equal cost to both ISPs, enabling equal cost multipath routing or "ECMP". Alternatively, a dynamic routing protocol like EIGRP or OSPF can be used to achieve load balancing based on equal-cost paths. NAT should also be configured to allow internal IP addresses to communicate with external networks via the ISPs.

Finally, verify the configurations by checking VLAN settings, routing tables, and interface statuses. Testing can be conducted by generating traffic across the network and observing load distribution across the ISPs, as well as ensuring devices in different VLANs can communicate through inter-VLAN routing when needed. This comprehensive setup will provide a balanced distribution of internet access while maintaining secure and segmented traffic flow for faculty and students.

A lot and a hard work to do. Good Luck.

Made a little change about the network topology, as shown in the image below:

 does everything you said still applicable with this new topology, and also with the configuration?
if not, what can you recommend?

The configuration is done on the device. You double click the device and get to the CLI tab. There you can keep going with the config.