Lesson 3

Configuring a switch
What is a Network Switch?
Most business networks today use switches to
connect computers, printers and servers
within a building or campus.
A switch serves as a controller, enabling
networked devices to talk to each other
efficiently.
Through information sharing and resource
allocation, switches save businesses money
and increase employee productivity.
Switches create a network and are Routers
which connect networks.

Configuring a switch
What is a Network Switch: Unmanaged Switches
An unmanaged switch works right out of the box.
It's not designed to be configured, so you don't have to worry
about installing or setting it up correctly.
Unmanaged switches have less network capacity than managed
switches.
You'll usually find unmanaged switches in home networking
equipment.
What is a Network Switch: Managed Switches
A managed network switch is configurable, offering greater
flexibility and capacity than an unmanaged switch.
You can monitor and adjust a managed switch locally or remotely,
to give you greater network control.

Configuring a switch
LAB1
Lab switch basic configuration (using packet tracer)
instructions
This lab will test your ability to configure basic settings on a cisco switch.
1. Use the local laptop connect to the switch console.
2. Configure Switch hostname as LOCAL-SWITCH
3. Configure the message of the day as "Unauthorized access is forbidden"
4. Configure the password for privileged mode access as "cisco". The
password must be md5 encrypted
5. Configure password encryption on the switch using the global
configuration command

Configuring a switch LAB1

6. Configure CONSOLE access with the following settings :
- Login enabled
- Password : ciscoconsole
- History size : 15 commands
- Timeout : 6'45''
- Synchronous logging
7. Configure TELNET access with the following settings :
- Login enabled
- Password : ciscotelnet
- History size : 15 commands
- Timeout : 8'20''
- Synchronous logging
8. Configure the IP address of the switch as 192.168.1.2/24 and it's
default gateway IP (192.168.1.1).
9. Test telnet connectivity from the Remote Laptop using the telnet client.

Configuring a switch
LAB1

Configuring a switch
LAB1
Solution
Configure Switch hostname as LOCAL-SWITCH
hostname LOCAL-SWITCH

Configure the message of the day as "Unauthorized access is

forbidden"
banner motd #Unauthorized access is forbidden#

Configure the password for privileged mode access as "cisco".

The password must be md5 encrypted
enable secret cisco

Configure password encryption on the switch using the global

configuration command
service password-encryption

Configuring a switch

LAB1
Configure CONSOLE access [...]
line con 0
password ciscoconsole
logging synchronous
login
history size 15
exec-timeout 6 45
Configure TELNET access [...]
line vty 0 15
exec-timeout 8 20
password ciscotelnet
logging synchronous
login
history size 15
Configure the IP address of the switch as 192.168.1.2/24 and
it's default gateway IP (192.168.1.1).
interface Vlan1
ip address 192.168.1.2 255.255.255.0
ip default-gateway 192.168.1.1

Configuring a switch

LAB2
Lab 2 - Switch interfaces configuration
Lab instructions
This lab will test your ability to configure speed, duplex, and vlan
settings on a cisco switch interfaces.
1. Connect to Switch0 using console interface and configure each
Switch0 fastethernet switchport for operation. Correct settings are :
- Port type : access port
- Speed : 100 Mbit/s
- Duplex mode : Full Duplex
- Autonegotiation disabled

2. PC "192.168.1.4" seems to be unable to ping other PCs in the

network. Check switch configuration.
TIP : How many broadcast domains are there in this network ?

3. Choose the right cable to connect :

- Switch0 gigabitethernet 1/1 to Switch1 gigabitethernet 1/1
- Switch1 gigabitethernet 1/2 to Switch2 gigabitethernet 1/2

4. Configure those two links as trunk lines without using trunk

negotiation between switches

Configuring a switch
LAB2

Solution
Connect to Switch0 using console
interface and configure each Switch0
fastethernet switchport for operation.
Switch(config)#interface FastEthernet0/1
switchport mode access
duplex full
speed 100
Switch(config)#interface FastEthernet0/2
switchport mode access
duplex full
speed 100
Switch(config)#interface FastEthernet0/3
switchport mode access
duplex full
speed 100
Switch(config)#interface FastEthernet0/4
switchport mode access
duplex full
speed 100

Configuring a switch
LAB2
Solution

PC "192.168.1.4" seems to be unable

to ping other PCs in the network.
Check switch configuration.
Switch(config)#interface FastEthernet0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 1

Choose the right cable to connect :

- Switch0 gigabitethernet 1/1 to
Switch1 gigabitethernet 1/1
- Switch1 gigabitethernet 1/2 to
Switch2 gigabitethernet 1/2

Configuring a switch
LAB2
Configure those two links as trunk
lines without using trunk negotiation
between switches
On every interface that has to be
configured for trunk operation, configure
the following settings
Switch(config)#interface
GigabitEthernet1/X
Switch(config-if)#switchport mode trunk

Verify interface operational mode using the

"show interface GigabitEthernet1/X
switchport command" :
Name: Gig1/2
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation:
dot1q
Operational Trunking Encapsulation: dot1q

Configuring a switch
LAB2
Another usefull ios command is "show
interfaces trunk" :
Switch#sh interfaces trunk
Port Mode Encapsulation
Status Native vlan
Gig1/2 on 802.1q
trunking 1
Port Vlans allowed on trunk
Gig1/2 1-1005
Port Vlans allowed and active in
management domain
Gig1/2 1
Port Vlans in spanning tree forwarding
state and not pruned
Gig1/2 1

Configuring a switchLab3
Lab 3 - VLAN and VTP configuration
Lab instructions
The aim of this lab is to check your ability
to configure VTP and VLAN on a small
network of four switches. This lab will help
you to prepare your ICND1 exam.
1.Configure the VTP-SERVER switch as a
VTP server
2.Connect to the 3 other switches and
configure them as VTP clients.
All links between swiches must be
configured as trunk lines.
3.Configure VTP domain name as
"TESTDOMAIN" and VTP password as
"cisco"
4.Configure VLAN 10 with name
"STUDENTS" and VLAN 50 with name

Solution

Configuring a switchLab3

Configure the VTP-SERVER switch as a VTP

server
VTP-SERVER(config)#vtp mode server
Verify the VTP configuration using the "show vtp
status command"
VTP-SERVER#show vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : TESTDOMAIN
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAE 0x4F 0x3F 0xC5
0xD3 0x41 0x9C 0x11
Configuration last modified by 192.168.1.1 at 3-193 00:27:41

Solution

Configuring a switchLab3

Connect to the 3 other switches and

configure them as VTP clients.
All links between swiches must be
configured as trunk lines.
VTP-CLIENT3(config)#vtp mode client
Verify the VTP configuration using the "show vtp
status command"
VTP-CLIENT3#sh vtp status
VTP Version : 2
Configuration Revision : 4
Maximum VLANs supported locally : 255
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : TESTDOMAIN
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xAE 0x4F 0x3F 0xC5
0xD3 0x41 0x9C 0x11

Solution

Configuring a switchLab3

Configure VTP domain name as

"TESTDOMAIN" and VTP password as "cisco"
1. Configure each link between switches as a trunk
line
interface GigabitEthernet1/1
switchport mode trunk
interface GigabitEthernet1/2
switchport mode trunk

2.On the server :

VTP-SERVER(config)#vtp domain TESTDOMAIN
VTP-SERVER(config)#vtp password cisco

3.On each client :

VTP-CLIENT1(config)#vtp mode client
VTP-CLIENT1(config)#vtp password cisco
VTP-CLIENT1(config)#vtp domain TESTDOMAIN

Solution

Configuring a switchLab3

Configure VLAN 10 with name "STUDENTS"

and VLAN 50 with name "SERVERS"
On the VTP server switch, configure the following
commands
VTP-SERVER(config)#vlan 10
VTP-SERVER(config-vlan)#name STUDENTS
VTP-SERVER(config)#vlan 50
VTP-SERVER(config-vlan)#name SERVERS

Solution

Configuring a switchLab3

Check propagation on all switches of the VTP

domain.
Use the "show vlan brief" on each switch to check
propagation of the 2 VLANS.
VTP-SERVER#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------------------------------------1 default active Fa0/1, Fa0/2,
Fa0/3, Fa0/4, [...]
10 STUDENTS active
50 SERVERS active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

Spanning tree
configuration
Build a network in packet tracer as shown
Configure trunks between 4 switches
Configure Switch0 and Switch1 as VTP servers for
domain Cisco and the other two switches as VTP
client;
Add VLAN 10 and VLAN 20 in Switch0. Are these two
VLAN added in other three switches?

Spanning tree
configuration

Configure Access switches Switch2 and Switch3 where

the ports connected to the PCs to be associated with
VLAN 10 and 20 as shown in the diagram
Provide addressing for the 4 computers:
PC0 -> 192.168.10.10
PC1 -> 192.168.20.11
PC2 -> 192.168.10.12
PC0 -> 192.168.20.13
Test connectivity between PCs in the same
LAN.

stp_lab01.pkz

Resiliency in Layer 2 network

Resilient network-config