Lab 3.5.1: Basic VLAN Configuration: (Instructor Version)

Lab 3.5.
1: Basic VLAN Configuration (Instructor Version)

Topology Diagram
Addressing Table
Device
(Hostname
)
S1
Interface
IP Address
Subnet Mask
Default Gateway
VLAN 99
172.17.99.11
255.255.255.0
N/A
S2
VLAN 99
172.17.99.12
255.255.255.0
N/A
S3
VLAN 99
172.17.99.13
255.255.255.0
N/A
PC1
NIC
172.17.10.21
255.255.255.0
172.17.10.1
PC2
NIC
172.17.20.22
255.255.255.0
172.17.20.1
PC3
NIC
172.17.30.23
255.255.255.0
172.17.30.1
PC4
NIC
172.17.10.24
255.255.255.0
172.17.10.1
PC5
NIC
172.17.20.25
255.255.255.0
172.17.20.1
PC6
NIC
172.17.30.26
255.255.255.0
172.17.30.1
Initial Port Assignments (Switches 2 and 3)

Ports
Fa0/1 0/5
Fa0/6 0/10
Fa0/11 0/17
Fa0/18 0/24
Assignment
802.1q Trunks (Native VLAN 99)
VLAN 30 Guest (Default)
VLAN 10 Staff
VLAN 20 Students
Network
172.17.99.0 /24
172.17.30.0 /24
172.17.10.0 /24
172.17.20.0 /24
Learning Objectives
Perform basic configuration on a switch
All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 14
CCNA Exploration
LAN Switching and Wireless: VLANs
Create VLANs
Assign switch ports to a VLAN
Add, move, and change ports
Verify VLAN configuration
Enable trunking on inter-switch connections
Verify trunk configuration
Save the VLAN configuration
Lab 3.5.1: Basic VLAN Configuration
Task 1: Prepare the Network

Step 1: Cable a network according to the topology diagram.
Use preferrably the 2960 switch.
If you use 2900 or 2950 switches, the outputs may appear different. Also, certain commands may be
different or unavailable.
Step 2: Clear any existing configurations on the switches, and initialize all ports in the shutdown
state.
Disable any unused ports on the switches:
Switch#config term
Switch(config)#interface range fa0/1-24
Switch(config-if-range)#shutdown
Switch(config-if-range)#interface range gi0/1-2
Switch(config-if-range)#shutdown
Pkaz interface range v Packet Tracer vyaduje mezery kolem pomlky.
Task 2: Perform Basic Switch Configurations

Step 1: Configure the switches according to the following guidelines.
Configure the switch hostname.
Disable DNS lookup.
Configure an EXEC mode password of class.
Configure a password of cisco for console connections.
Configure a password of cisco for vty connections.
EXEC mode password z cvinch dvod nastavte, vyzkouejte a zrute. Jinak ho budete pi prci
nesetnkrt vyukvat vdy, kdy switch automaticky vycouv z EXEC mdu.
Step 2: Re-enable the user ports on S2 and S3.
S2(config)#interface range fa0/6, fa0/11, fa0/18
S2(config-if-range)#switchport mode access
S2(config-if-range)#no shutdown
Page 2 of 14
CCNA Exploration
S3(config)#interface range fa0/6, fa0/11, fa0/18

.................................
Task 3: Configure and Activate Ethernet Interfaces

Step 1: Configure the PCs.
Task 4: Configure VLANs on the Switch

Step 1: Create VLANs on switch S1.
S1(config)#vlan 10
S1(config-vlan)#name
S1(config-vlan)#vlan
S1(config-vlan)#end
S1#
staff
20
students
30
guest
99
management
Step 2: Verify that the VLANs have been created on S1.

Use the show vlan brief command to verify that the VLANs have been created.
S1#show vlan brief
VLAN Name
Status
Ports
---- ------------------------------- --------- ----------------------------1
default
active
Fa0/1, Fa0/2, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gi0/1
Gi0/2
10
staff
active
20
students
active
30
guest
active
99
management
active
Step 3: Configure and name VLANs on switches S2 and S3.
Create and name VLANs 10, 20, 30, and 99 on S2 and S3 using the commands from Step 1. Verify the
correct configuration with the show vlan brief command.
What ports are currently assigned to the four VLANs you have created?
_______________________________ none
Page 3 of 14
CCNA Exploration
Step 4: Assign switch ports to VLANs on S2 and S3.

The commands are shown for S3 only, but you should configure both S1 and S3 similarly. Save your
configuration when done.
S3(config)#interface range fa0/6-10
S3(config-if-range)#switchport access vlan 30
S3(config-if-range)#interface range fa0/11-17
S3(config-if-range)#interface range fa0/18-24
S3(config-if-range)#end
S3#copy running-config startup-config
Destination filename [startup-config]? [enter]
Building configuration...
[OK]
Step 5: Determine which ports have been added.
Use the show vlan id vlan-number command on S2 to see which ports are assigned to VLAN 10.
Which ports are assigned to VLAN 10?
_______________________________________________________ Fa0/11, Fa0/12, Fa0/13, Fa0/14,
Fa0/15, Fa0/16, Fa0/17
Note: The show vlan name vlan-name displays the same output.
You can also view VLAN assignment information using the show interfaces interface switchport
command.
Step 6: Assign the management VLAN.
A management VLAN is any VLAN that you configure to access the management capabilities of a switch.
VLAN 1 serves as the management VLAN if you did not specifically define another VLAN. You assign
the management VLAN an IP address and subnet mask.
Because the out-of-the-box configuration of a Cisco switch has VLAN 1 as the default VLAN, VLAN 1 is a
bad choice as the management VLAN: You do not want an arbitrary user who is connecting to a switch to
default to the management VLAN. You configured the management VLAN as VLAN 99 earlier in this lab.
From interface configuration mode, use the ip address command to assign the management IP address
to the switches.
S1(config)#interface vlan 99
S1(config-if)#ip address 172.17.99.11 255.255.255.0
S1(config-if)#no shutdown
...................................12 .............
...................................13 .............
Assigning a management address allows IP communication between the switches, and also allows any
host connected to a port assigned to VLAN 99 to connect to the switches.
Page 4 of 14
CCNA Exploration
Step 7: Configure trunking and the native VLAN for the trunking ports on all switches.
Trunks are connections between the switches that allow the switches to exchange information for all
VLANS. By default, a trunk port belongs to all VLANs, as opposed to an access port, which can only
belong to a single VLAN.
A native VLAN is assigned to an 802.1Q trunk port. In the topology, the native VLAN is VLAN 99. An
802.1Q trunk port supports traffic coming from many VLANs (tagged traffic) as well as traffic that does not
come from a VLAN (untagged traffic). The 802.1Q trunk port places untagged traffic on the native
VLAN. Untagged traffic is generated by a computer attached to a switch port that is configured with the
native VLAN. One of the reasons for Native VLANs is to maintain backward compatibility with
untagged traffic common to legacy LAN scenarios. It is a best practice to use a VLAN other than
VLAN 1 as the native VLAN.
Use the interface range command in global configuration mode to simplify configuring trunking.
S1(config)#interface range fa0/1-5
S1(config-if-range)#switchport mode trunk
S1(config-if-range)#switchport trunk native vlan 99
S1(config-if-range)#no shutdown
S1(config-if-range)#end
S2(config)# interface range fa0/1-5
...........................................................................................................
S3(config)# interface range fa0/1-5
.............................................................................................................
Verify that the trunks have been configured with the show interface trunk command.
S1#show interface trunk
Port
Fa0/1
Fa0/2
Port
Fa0/1
Fa0/2
Mode
on
on
Encapsulation
802.1q
802.1q
Status
trunking
trunking
Native vlan
99
99
Vlans allowed on trunk

1-4094
1-4094
Port
Fa0/1
Fa0/2
Vlans allowed and active in management domain

1,10,20,30,99
1,10,20,30,99
Port
Fa0/1
Fa0/2
Vlans in spanning tree forwarding state and not pruned

1,10,20,30,99
1,10,20,30,99
Step 8: Verify that the switches can communicate.

From S1, ping the management address on both S2 and S3.
S1#ping 172.17.99.12
S1#ping 172.17.99.13
Page 5 of 14
CCNA Exploration
Step 9: Ping several hosts from PC2.

Ping from host PC2 to host PC1 (172.17.10.21). Is the ping attempt successful? _________ no
Ping from host PC2 to the switch VLAN 99 IP address 172.17.99.12. Is the ping attempt successful?
_________ no
Because these hosts are on different subnets and in different VLANs, they cannot communicate without a
Layer 3 device to route between the separate subnetworks.
Ping from host PC2 to host PC5. Is the ping attempt successful? _________ yes
Because PC2 is in the same VLAN and the same subnet as PC5, the ping is successful
Step 10: Move PC1 (on the port S2 Fast 0/11) into the same VLAN as PC2.
S2#configure terminal
Enter configuration commands, one per line.
S2(config)#interface fastethernet 0/11
S2(config-if)#switchport access vlan 20
S2(config-if)#end
End with CNTL/Z.
Ping from host PC2 to host PC1. Is the ping attempt successful? _________ no
Even though the ports used by PC1 and PC2 are in the same VLAN, they are still in different
subnetworks, so they cannot communicate directly.
Step 11: Change the IP address and network on PC1.
Change the IP address on PC1 to 172.17.20.22. The subnet mask and default gateway can remain the
same. Once again, ping from host PC2 to host PC1, using the newly assigned IP address.
Is the ping attempt successful? _________yes
Why was this attempt successful?
____________________________________________________________________________________
____________________________________________________________________________________
Hosts must be in the same VLAN and in the same subnet to communicate directly through the switches.
Page 6 of 14
CCNA Exploration
Final Switch Configurations

S1
hostname S1
!
enable secret class
no ip domain-lookup
!
interface FastEthernet0/1
switchport trunk native vlan 99
switchport mode trunk
!
!
!
!
!
shutdown
!
<all remaining FastEthernet and GigabitEthernet interface are shutdown>
!
interface Vlan1
no ip address
no ip route-cache
!
interface Vlan99
ip address 172.17.99.11 255.255.255.0
no ip route-cache
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
Page 7 of 14
CCNA Exploration
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 5 15
exec-timeout 0 0
password cisco
logging synchronous
login
!
end
S2
hostname S2
!
enable secret class
no ip domain-lookup
!
switchport trunk native vlan
!
!
!
!
!
switchport access vlan 30
switchport mode access
!
99
99
99
99
99
Page 8 of 14
CCNA Exploration
shutdown
!
shutdown
!
shutdown
!
shutdown
!
!
shutdown
!
shutdown
!
shutdown
!
shutdown
!
shutdown
!
Page 9 of 14
CCNA Exploration

shutdown
!
!
shutdown
!
shutdown
!
shutdown
!
shutdown
!
shutdown
!
shutdown
!
interface GigabitEthernet0/1
shutdown
!
shutdown
!
interface Vlan1
no ip address
no ip route-cache
Page 10 of 14
CCNA Exploration
shutdown
!
interface Vlan99
ip address 172.17.99.12 255.255.255.0
no ip route-cache
!
ip http server
!
control-plane
!
!
line con 0
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 0 4
exec-timeout 0 0
password cisco
logging synchronous
login
line vty 5 15
exec-timeout 0 0
password cisco
logging synchronous
login
!
!
end
S3
hostname S3
no ip domain-lookup
enable secret class
!
!
!
Page 11 of 14
CCNA Exploration
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
Page 12 of 14
CCNA Exploration
!
!
!
!
!
!
!
!
!
interface Vlan1
no ip address
no ip route-cache
shutdown
!
interface Vlan99
ip address 172.17.99.13 255.255.255.0
no ip route-cache
!
line con 0
password cisco
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end
Page 13 of 14
CCNA Exploration
Page 14 of 14

Lab 3.5.1: Basic VLAN Configuration: (Instructor Version)

Uploaded by

Document Informationclick to expand document information

Copyright:

Available Formats

Lab 3.5.1: Basic VLAN Configuration: (Instructor Version)

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lab 3.5.1: Basic VLAN Configuration: (Instructor Version)

Uploaded by

Copyright:

Available Formats

Lab 3.5.

1: Basic VLAN Configuration (Instructor Version)

Initial Port Assignments (Switches 2 and 3)

Perform basic configuration on a switch

Assign switch ports to a VLAN

Add, move, and change ports

Verify VLAN configuration

Enable trunking on inter-switch connections

Verify trunk configuration

Save the VLAN configuration

Lab 3.5.1: Basic VLAN Configuration

Task 1: Prepare the Network

Task 2: Perform Basic Switch Configurations

Configure the switch hostname.

Disable DNS lookup.

Configure an EXEC mode password of class.

Configure a password of cisco for console connections.

Configure a password of cisco for vty connections.

Lab 3.5.1: Basic VLAN Configuration

S3(config)#interface range fa0/6, fa0/11, fa0/18

Task 3: Configure and Activate Ethernet Interfaces

Task 4: Configure VLANs on the Switch

Step 2: Verify that the VLANs have been created on S1.

Lab 3.5.1: Basic VLAN Configuration

Step 4: Assign switch ports to VLANs on S2 and S3.

Lab 3.5.1: Basic VLAN Configuration

Vlans allowed on trunk

Vlans allowed and active in management domain

Vlans in spanning tree forwarding state and not pruned

Step 8: Verify that the switches can communicate.

Lab 3.5.1: Basic VLAN Configuration

Step 9: Ping several hosts from PC2.

End with CNTL/Z.

Lab 3.5.1: Basic VLAN Configuration

Final Switch Configurations

Lab 3.5.1: Basic VLAN Configuration

Lab 3.5.1: Basic VLAN Configuration

Lab 3.5.1: Basic VLAN Configuration

switchport access vlan 10

Lab 3.5.1: Basic VLAN Configuration

Lab 3.5.1: Basic VLAN Configuration

Lab 3.5.1: Basic VLAN Configuration

Lab 3.5.1: Basic VLAN Configuration

You might also like