Configuration Labs
Part 2: Switch Configuration
Lab 2: Static VLAN Configuration and Trunking
Objective
The overall objective of this laboratory exercise is to gain experience with the basic steps for con-
figuring a static VLAN on a Cisco switch using the CCNA 640-802 Network Simulator. In this
exercise, you will create two VLANs, Finance and Office, and assign switchports to each VLAN.
You are to configure the switch (SW1) so that server S1 and computer PC2 are assigned to VLAN
2, the Finance VLAN. You will also configure the switch so that computer PC1 is assigned to
VLAN 3, the Office VLAN. The IP addresses used in this exercise will all be configured as part of a
192.168.X.X network. Configure switches and the computers to operate in the network using the IP
addresses, subnet masks, and gateway addresses specified in Tables 1 and 2. You will gain an under-
standing of the following:
■ Operating in the Cisco privileged mode
■ Configuring and assigning names to the VLANs
■ Assigning ports to the VLANs
■ Steps for verifying port assignments
■ Troubleshooting the switch interface and VLAN assignments
page 1 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
Topology
S1
Gi0/1
PC1
Fa0/1
R1 Fa0/0 Fa0/3 SW1
Fa0/2
PC2
Figure 1 Network Topology for This Lab
Reference
The following simulator exercises provided with the CCNA 640-802 Network Simulator should be
reviewed prior to starting this virtual laboratory exercise:
■ VLAN Configuration I–V
■ VLANs I–III
■ Configuring VLANs
Key Concepts
The following concepts, terms, commands, and steps should have been mastered in this exercise:
■ The steps to enter the switch’s privileged EXEC mode (switch#).
■ The steps for configuring the IP address for the VLAN 1 interface on your switch.
■ The use of the no shut command to enable the VLAN interface.
■ The use of the sh vlan brief command to verify that the interfaces have been configured.
■ Use the ping command to verify network connectivity.
■ The steps for verifying the entries in the switch’s MAC address table.
■ The steps for configuring the switch port settings.
■ The steps for configuring the default gateway for the switch.
■ The steps for configuring the VLAN interfaces.
■ Using the show vlan command to verify that the VLANs have been created.
■ The steps for assigning ports to the VLANs.
page 2 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
Reference Tables
Table 1 provides the IP addresses and masks for all the necessary interfaces to complete this lab.
Table 1 IP Addresses, Subnet Masks, and VLAN Assignments for Lab 2
Computer/Server – SW1 IP Address Subnet Mask Gateway Address
S1 192.168.1.1 255.255.255.192 192.168.1.62
PC2 192.168.2.1 255.255.255.192 192.168.2.62
PC1 192.168.3.1 255.255.255.192 192.168.3.62
VLAN1 192.168.1.61 255.255.255.192 192.168.1.62
Table 2 Router R1 Subinterface Settings for Lab 2
IP Address Subnet Mask
R1 Fa 0/0.1 192.168.1.62 255.255.255.192
R1 Fa 0/0.2 192.168.2.62 255.255.255.192
R1 Fa 0/0.3 192.168.3.62 255.255.255.192
The passwords for switch S1 and Router R1 are as follows:
■ Console password: ciscopress
■ Privileged EXEC mode password: ciscopress
■ Enable secret: ciscopress
Detailed Lab Steps
Task 1
Step 1. Your first task is to configure the IP address for VLAN1. The IP address is provided in
Table 1. Enable the VLAN1 interface. List the command sequence required to accom-
plish this task. Indicate both the prompts and the commands.
SW1(config)# int vlan1
SW1(config-if)# ip address 192.168.1.61 255.255.255.0
SW1(config-if)# no shut
%LINK-3-UPDOWN: Interface vLan1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface vLan1, changed state to up
Step 2. Next, configure the IP addresses for computers PC1 and PC2, server S1, and Router R1.
After you have completed this task, verify that you have network connectivity from the
switch SW1 to the computers and server. List the command sequence required to accom-
plish this task.
ping 192.168.1.1 verify S1
ping 192.168.2.1 verify PC2
ping 192.168.3.1 verify PC1
page 3 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
Step 3. Next, use the command that displays the current VLAN interface information.
SW1# sh vlan
Step 4. Which ports currently belong to the default VLAN?
fa0/1 to fa0/24, gi0/1, gi0/2
Step 5. How many VLANs are set up by default on the switch? List the VLANs.
Five VLANS.
1 default
1002 fddi-default
1003 token-ring-default
1004 fddinet-default
1005 trnet-default
Step 6. In the next step, you are to create two VLANs, VLAN2 (Finance) and VLAN3 (Office).
List the command sequence required to create the VLANs and assign names to each
VLAN.
SW1(config)# vlan 2
SW1(config-vlan)# name Finance
SW1(config-vlan)# vlan 3
SW1(config-vlan)# name Office
Step 7. Verify that the two new VLANs have been created. List the command sequence required
to accomplish this task.
SW1# sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active fa0/1, fa0/2, fa0/4, fa0/5,
fa0/6, fa0/7
fa0/8, fa0/9, fa0/10, fa0/11
fa0/12, fa0/13, fa0/14, fa0/15
fa0/16, fa0/17, fa0/18, fa0/19
fa0/20, fa0/21, fa0/22, fa0/23
fa0/24, gi0/1, gi0/2
2 Finance active
3 Office active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
Step 8. What ports are currently assigned to VLANs 2 and 3?
No ports are assigned.
page 4 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
Step 9. Issue the commands that assign the ports connecting S1, PC1, and PC2 to their respec-
tive VLANs.
SW1(config)# int gi0/1
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 2
SW1(config-if)# end
SW1(config)# int fa0/2
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 2
SW1(config-if)# end
SW1(config)# int fa0/1
SW1(config-if)# switchport mode access
SW1(config-if)# switch access vlan 3
SW1(config-if)# end
Step 10. Use the proper command to verify that the switchports have been properly assigned. List
the command sequence required to accomplish this task.
SW1# sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active fa0/4, fa0/5, fa0/6, fa0/7
fa0/8, fa0/9, fa0/10, fa0/11
fa0/12, fa0/13, fa0/14, fa0/15
fa0/16, fa0/17, fa0/18, fa0/19
fa0/20, fa0/21, fa0/22, fa0/23
fa0/24, gi0/2
2 VLAN0002 active fa0/2 gi0/1
3 VLAN0003 active fa0/1
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
Step 11. Use the command to list the MAC addresses learned by SW1. Which interfaces are asso-
ciated with the MAC addresses of S1, PC1, and PC2, and which VLAN number is listed
for each entry?
SW1# sh mac address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- ---- -----
ALL 0100.0ccc.cccc static CPU
* * * *
* * * *
ALL ffff.ffff.ffff static CPU
2 0200.1111.1111 dynamic Fa0/1 PC1
3 0200.2222.2222 dynamic Fa0/2 PC2
page 5 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
1 0200.AAAA.AAAA dynamic Gi0/1 S1
2 0013.197b.1101 dynamic Fa0/3 connection to Router, R1
Step 12. In the next step, you are to create the trunk connection from switch FastEthernet 0/3
interface to the router.
SW1(config)# int fa0/3
SW1(config-if)# switchport mode trunk
Step 13. Next, configure Router R1 to support trunking and inter-VLAN routing. This requires
that the FastEthernet 0/0 and related subinterfaces be configured.
interface FastEthernet0/0
no ip address
!
FastEthernet0/0.1
encapsulation dot1q 1 native
ip address 192.168.1.62 255.255.255.192
!
FastEthernet0/0.2
encapsulation dot1q 2
ip address 192.168.2.62 255.255.255.192
!
FastEthernet0/0.3
encapsulation dot1q 3
ip address 192.168.3.62 255.255.255.192
Step 14. Now that the VLANs and trunking have been configured, verify that PC1, PC2, and S1
can ping each other. List the commands used to verify this.
Ping 192.168.1.1, ping 192.168.2.1, and ping 192.168.3.1 from each of the networking
devices.
You should have network connectivity for all three.
C:\> ping 192.168.2.62
Pinging 192.168.2.62 with 32 bytes of data:
Reply from 192.168.2.62: bytes=32 time=5ms TTL=126
Reply from 192.168.2.62: bytes=32 time=4ms TTL=126
Reply from 192.168.2.62: bytes=32 time=5ms TTL=126
Reply from 192.168.2.62: bytes=32 time=7ms TTL=126
Ping statistics for 192.168.2.62
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
C:\>
page 6 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
Task 2: Configuration List
The following is a partial list of the items displayed when you issue the show running-
configuration [sh run] command on a switch. Your task is to define each item and its purpose. You
might need to go to the Cisco website (http://www.cisco.com) and look up what each of these com-
mands means.
1. switchport mode trunk
This command is used to create the trunk connection.
2. no aaa new-model
This command disables authentication, authorization, and accounting (AAA).
3. encapsulation dot1q 1 native
Enables IEEE 802.1Q encapsulation of traffic on a specified subinterface in VLANs and
defaults to 1.
4. encapsulation dot1q 2
Router(config-if)# encapsulation dot1q vlan-identifier. Defines the encapsulation format as IEEE
802.1Q (dot1q) and specifies the VLAN identifier.
5. switchport mode access
This makes the port an access port as opposed to a trunk.
6. switchport access vlan 2
This sets the port VLAN number when the port is in access mode.
7. ip default-gateway 192.168.1.62
This is used to specify the IP address for data packets exiting the switch.
8. line vty 0 4
This enters line configuration mode for virtual terminal connections 0 4.
9. line vty 5 15
This enters line configuration mode for virtual terminal connections 5 15.
Router Configuration - correct
R1# sh run
Building configuration...
Current configuration : 800 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$KXED$S08d0zG3x3aiaeFjy7nCP
!
no aaa new-model
!
resource policy
page 7 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
!
!
!
ip cef
!
!
no ip domain lookup
!
!
!
!
interface FastEthernet0/0
no ip address
!
FastEthernet0/0.1
encapsulation dot1q 1 native
ip address 192.168.1.62 255.255.255.192
!
FastEthernet0/0.2
encapsulation dot1q 2
ip address 192.168.2.62 255.255.255.192
!
FastEthernet0/0.3
encapsulation dot1q 3
ip address 192.168.3.62 255.255.255.192
!
interface FastEthernet0/1
no ip address
shutdown
!
interface Serial0/0/0
no ip address
shutdown
!
interface Serial0/0/1
no ip address
shutdown
!
log-adjacency-changes
!
!
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
!
line con 0
password ciscopress
page 8 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
login
line aux 0
login local ciscopress
line vty 0 4
password ciscopress
login
!
scheduler allocate 20000 1000
!
end
R1#
Switch (S1) Configuration - correct
SW1# sh run
Building configuration...
Current configuration : 1310 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname SW1
!
enable secret 5 $1$KXED$S08d0zG3x3aiaeFjy7nCP
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file verify auto
!
spanning-tree mode pvst
spanning-tree extend system-id
!
Vlan internal allocation policy ascending
!
!
interface FastEthernet0/1
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/3
switchport mode trunk
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
page 9 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
switchport access vlan 2
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 192.168.1.61 255.255.255.192
no ip route-cache
!
ip default-gateway 192.168.1.62
ip http server
control-plane
!
!
line con 0
password ciscopress
login
line vty 0 4
password ciscopress
login
line vty 5 15
password ciscopress
login
!
end
SW1#
page 10 © 2011 Pearson Education, Inc. All rights reserved. This publication is protected by copyright.