Basic VLANs

Wendell
By Wendell August 12, 2015 09:05

Configuring VLANs on access switches may be the most common repetitive configuration task in many networks. So what do you configure when adding new access devices to new VLANs? This lab gives you a chance to remember and exercise those commands.

.

Requirements

In this lab, configure four interfaces to be in the two VLANs as shown in the figure. Make sure that the interfaces operate as access interfaces.

The specific rules for this lab are:

  • Each interface should be configured in access mode in the correct VLAN.
  • Explicitly configure the VLANs, instead of letting IOS create them automationally.
  • All the interfaces shown in Figure 1 are already working (that is, in a up/up state) at the beginning of the lab.

Figure 1: Small Network with Two VLANs

 

Initial Configuration

Example 1 shows the beginning configuration state of SW1.

Example 1: SW1 Config

 

Answer on Paper and Maybe Test in a Lab

Next, write your answer on paper. Or if you have some real gear, or other tools, configure the lab with those tools.

If you do attempt this lab on a real IOS, you can test by giving the four PCs IP addresses as shown in the figure. Note that with this design, with no router to forward packets between subnets, the two PCs in VLAN 10 should not be able to ping the two PCs in VLAN 20. So, PC1 and PC2 should succeed when pinging each other, and PC3 and PC4 should succeed when pinging each other, but those are the only combinations that should work once you have completed this lab.

 

Do this Lab with Cisco’s VIRL

You can do these labs on paper and still get a lot out of the lab. As an extra help, we have added files for the Virtual Internet Routing Lab (VIRL) software as well. The .VIRL file found here is a file that when used with VIRL will load a lab topology similar to this lab’s topology, with the initial configuration shown in the lab as well. This section lists any differences between the lab exercise and the .VIRL file’s topology and configuration.

Download this lab’s VIRL file!

 

Network Device Info:

This table lists the interfaces changed in this lab to work well in VIRL.

Device Lab Port VIRL Port
SW1 F0/1 G0/1
SW1 F0/2 G0/2
SW1 F0/3 G1/1
SW1 F0/4 G1/2

 

Host device info:

This table lists host information pre-configured in VIRL, information that might not be required by the lab but may be useful to you.

Device IP Address Mac Address User/password
PC1 10.1.1.1 02:00:11:11:11:11 cisco/cisco
PC2 10.1.1.2 02:00:22:22:22:22 cisco/cisco
PC3 10.3.3.3 02:00:33:33:33:33 cisco/cisco
PC4 10.3.3.4 02:00:44:44:44:44 cisco/cisco

 

Handy Host Commands:

To see PC IP address: ifconfig eth1

Ping example: ping -c 4 10.1.1.1

Trace example: tracepath 10.1.1.1

To connect to another node within the topology: telnet 10.1.1.1

Answers: Basic VLANs
Answers to a Root Question with No Direct Link to the Root
Wendell
By Wendell August 12, 2015 09:05
Write a comment

9 Comments

  1. Armin Gradascevic August 12, 16:26

    Come on Wendell! This is Easy!!

    When in Global config mode:

    Interface range fastEthernet fa0/1 – 0/2
    Switchport access vlan 10
    no shutdown
    Interface range FastEthernet fa0/3 -0/4
    switchport access vlan 20
    no shutdown

    Then configure the static addresses on the host machines and only PCs within the same vlan will be able to talk to each other 🙂

    Reply to this comment
    • certskills August 12, 16:55

      Hi Armin,
      Are you throwing the gauntlet down in that first line? 🙂

      Thanks for playing! I’ll defer comment until the answers post is up. But, given your first statement…

      Hey, if you do see this, give me some perspective from your “too easy” comment… Where are you in your ICND1 or CCNA study? EG, just read the chapter about VLAN config, practiced a bit, ready for the exam, passed the exam, far past the exam?

      Shooting for someone who’s read but hasn’t mastered yet, so is looking for practice. Thx!

      Reply to this comment
      • Armin March 21, 22:51

        Hey Wendell! I just seen your reply?? I would have commented sooner. I passed the CCNA as a whole in November and to be honest the ICND1 was really easy and gave me no trouble. I did fail the CCNA twice (Accidentally skipped/Missed a sim on the second try which lost me a ton of points). Your ICND1 book is magical and thats why I enjoyed your CCNA books, I am currently about to finish up CCNP route using Kevin’s books.

        Reply to this comment
  2. Mike August 12, 23:21

    *sigh* Armin beat me to the first post!
    [ I did have to peek to get the exact prompt syntax, but have the steps down. 😉 ]

    sw1(config)# vlan 10
    sw1(config-vlan)# name Ten
    sw1(config)# vlan 20
    sw1(config-vlan)# name Twenty
    sw1(config-vlan)# interface range fa0/1 – 2
    sw1(config-if-range)# switchport mode access
    sw1(config-if-range)# switchport access vlan 10
    sw1(config-if-range)# interface range fa0/3 – 4
    sw1(config-if-range)# switchport mode access
    sw1(config-if-range)# switchport access vlan 20
    sw1(config-if-range)# end

    Reply to this comment
  3. Harry August 18, 15:53

    SW1# conf t
    SW1(config)# vlan 10
    SW1(config-vlan)# vlan 20
    SW1(config-vlan)# exit

    SW1(config)# int ran f0/1 – 2
    SW1(config-if-range)# sw acc vlan 10
    SW1(config-if-range)# sw mod acc
    SW1(config-if-range)# int ran f0/3 – 4
    SW1(config-if-range)# sw acc vlan 20
    SW1(config-if-range)# sw mod acc
    SW1(config-if-range)#end
    sw1#
    sw1# sh vlan bri

    Confirm that the vlans 10,20 exists and are in active status.
    Confirm that Fa0/1, Fa0/2 Ports are associated with vlan 10
    Confirm that Fa0/3, Fa0/4 Ports are associated with vlan 20

    SW1# show interfaces status

    Check that Fa0/1,Fa0/2,Fa0/3,Fa0/3 are in status connected. -> means up/up
    Also you can check their vlan, interface description, duplex, speed

    SW1# wr (or copy runn st) ->Save your config (never forget)

    SW1# That’s all folks!!!!!!!!

    Reply to this comment
    • certskills August 18, 16:51

      Good verification steps Harry!

      Reply to this comment
    • Dan Perkins September 1, 15:00

      As an added confirmation I ran pings between all workstations to verify there was communication within the VLANs but not between the VLANs

      Reply to this comment
      • certskills September 7, 10:15

        Dan,
        Good test! As a bonus exercise then… add a router to the design, and configure router-on-a-stick to add routing between the VLANs, and re-run your test. Regardless, that’s a good confirmation.
        Wendell

        Reply to this comment
        • Dan Perkins September 10, 10:09

          Thanks! The ROAS exercise was a good suggestion. Added a router, sub interfaces, dot1q encapsulation, trunked the switch port the router was on and got inter-vlan traffic working.

          Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Search

Categories