VLAN Config ( Cisco Catalyst )
Monday, November 27, 2017 | 5:50 PM
1 Creating VLANs & Assigning Ports
vlan mode access vlan access 10
Enter Config
conf t
Enter Switch CLI
en Switch# show vlan
Create VLAN 10
Switch#conf t Switch(config)#vlan 10 Switch(config-vlan)#name <NAME> Switch#show vlan brief Switch#conf t Switch(config)# Switch(config)#int fa0/1 Switch(config-if)# Switch(config-if)#switchport mode access -access port designates ONLY 1 IP/Host at a time ( not a trunk ) Switch(config-if)#switchport access vlan 10 Switch(config-if)#do show vlan brief Switch(config-if)#int fa0/2 Switch(config-if)#switchport mode access Switch(config-if)#switchport access vlan 10 Switch(config-if)#do show vlan brief Switch#show running-config -shows vlan & port config
Create VLAN 20 with fa0/3 & fa0/4
Switch# Switch#conf t Switch(config)#vlan 20 Switch(config-vlan)#name <NAME> Switch#show vlan brief Switch#conf t Switch(config)# Switch(config)#int fa0/3 Switch(config-if)# Switch(config-if)#switchport mode access -access port designates ONLY 1 IP/Host at a time ( not a trunk ) Switch(config-if)#switchport access vlan 20 Switch(config-if)#do show vlan brief Switch(config-if)#int fa0/4 Switch(config-if)#switchport mode access Switch(config-if)#switchport access vlan 20 Switch(config-if)#do show vlan brief Switch#show running-config
2 Trunks
Trunk ports allow more than one IP
Set ALL ports to Access Mode
Manually create/manage trunks as needed to prevent security issues
Modes
Access Mode
access
Trunk Mode
trunk
Dynamic Auto - if other port wants to be trunk
dynamic auto
Dynamic Desirable - Actively trying to be a trunk port
dynamic desirable
Switch>en
Switch# show ip int br
Switch#show int gi0/1 switchport
AdminMode 'dynamic auto'
Encapsulation: dot1q / isl(propriety cisco method)
Switch#conf t
Switch(config)#int gi0/1
Switch(config-if)#switchport mode ?
Switch(config-if)#switchport mode trunk
Switch(config-if)#exit
Switch#(config)
Draw Trunk Connection gi0/1 to gi0/1
wait for connections to turn green
Switch#show interfaces trunk
Connect Switch 2 Hosts to VLAN/Trunk
3 Routing: Configuring VLAN to allow Multiple Subnet Access
Don't want hosts to see all server broadcasts, but still need access
Connect Router fa0/0 to VLAN fa0/24
Router is default gateway
IF will be configured for both VLANs
SubInterfaces
fa0/0
split this into multiple i/fs
Router
Router>en
Router#conf t
Router(config)#int fa0/0
Router(config-if)#no shutdown
brings port up
Router(config)#int fa0/0.10
assigns subif to vlan 10
no ports yet
Router(config-subif)#
Router#conf t
Router(config)#int fa0/0.20
Create Subnets & Set Encapsulation
Router(config-subif)#int fa0/0.10 Router(config-subif)#encapsulation dot1q 10 <-- vlan 10 Router(config-subif)#ip address 192.168.10.1 255.255.255.0 <-- default gateway of hosts Router(config-subif)#int fa0/0.20 Router(config-subif)#encapsulation dot1q 10 <-- vlan 20 Router(config-subif)#ip address 192.168.20.1 255.255.255.0 <-- default gateway of hosts Router(config-subif)#
Enable Trunking Swith 1
Switch>en Switch#conf Switch(config)#int fa0/24 Switch(config-if)#switchport mode trunk Switch(config-if)#
Router
ping 192.168.10.11 ping 192.168.20.13
Trunk acts like physical connection
PC1 ping 192.168.10.1 ping 192.168.20.13
Hosts Set Default Gateway for each switch's subnet
192.168.10.1: add default gateway - no idea how to route to subnet 20 without the router
192.168.20.1: add default gateway - no idea how to route to subnet 20 without the router
Routing
Ping…
Not on my network
send to router
Router sends out & returns back on same port
4 Switched Virtual Interface(SVI)
3560 multi-layer switch
vlan 10 vlan 20 Switch>en Switch#show vlan brief
Route between the two
Switch#conf t Switch(config)#ip routing Switch(config)#int vlan 10 Switch(config-if)# ip address 192.168.10.1 255.255.255.0 Switch(config-if)#exit Switch(config)# Switch(config)#int vlan 20 ip address 192.168.20.1 255.255.255.0 Switch(config-if)#exit Switch(config)#
Configure Cisco Switch
Switch#erase startup-config [confirm] Save? n Proceed with reload [confirm] boots reloads factory flash Switch>en conf t hostname Switch1 Switch1(config)#exit Switch1# show vlan br Switch1#int vlan1 Switch1(config-if)#ip address 192.168.100.10 255.255.255.0 Switch1(config-if)#exit Switch1#show --Building configuration… --i/f listing --interface Vlan1 ip address 192.168.100.10.255.255.255.0 Switch1#conf t Switch1(config)#ip default-gateway 192.168.1.1 Switch1(config)#username TestAdmin password cisco Switch1(config)#exit Switch1#conf t Switch1(config)#enable password password
Enable Secret Password
Switch1>en Password: Password: Switch1#show run Switch1(config)#config t Switch1(config)#enable secret cisco !!secret password will ALWAYS override normal password!!
Console Password
conf t Switch1(config)#line console 0 Switch1(config-line)#exit Switch1(config)#line con 0
Remove Prompt Echo
Switch1(config-line)#logging synchronous
Login Timeout
Switch1(config-line)#exec-timeout ? Switch1(config-line)#exec-timeout 600 (seconds)
Console Password
Switch1(config-line)#password cisco
Console Login
Switch1(config-line)#login (enables) Switch1(config-line)#
Telnet Access
conf t line vty ? --tells number of ports Switch1(config)#line vty 0 15 Switch1(config-line)#password cisco Switch1(config-line)#login Switch1(config-line)#exec-timeout 10 Switch1(config-line)#logging synchronous exit
line con 0 Switch1(config-line)#login local --uses local username database
Find passwords
en show run username…. console passwords still in the clear conf t service password-encryption --current & future passwords will be encrypted No Start up config.. will lose config on reboot. SAVE!!! show start --NOTHING Switch#copy running-config startup-config Switch1#copy run start ENTER show start --SOMETHING
Cisco VLAN Configuration Part 1 - Creating VLANs https://youtu.be/uELaihen6Xk
Cisco VLAN Configuration Part 2 - Trunking and DTP https://youtu.be/lnGogvK0jxY
Cisco VLAN Configuration Part 3 - Router on a Stick https://youtu.be/GOXudQcsdxY
Cisco VLAN Configuration Part 4 - SVI https://youtu.be/o6ABkpq4ado
Cisco Switch Initial Config
Cisco Switch Initial Configuration
- Log in to post comments