Vous êtes sur la page 1sur 31

ACL : Access control List Les listes de contrle daccs Cest un ensemble de conditions squentielles Condition 1 Condition 2 Condition

dition n Dfinition de lACL au niveau du routeur Affectation de lACL une interface IN ou OUT. Il y a toujours un jugement soit un refus DENY ou une autorisation PERMIT Il y a des ACL standards et dautres tendues. ACL standards (1-99) : Test : @ IP dorigine Position : le plus proche de la destination

ACL tendue (100-199) : Test : @ IP dorigine, @ IP de destination Position : le plus proche de la source

Routeur (conf)# acces-list 1 permit ou deny Interf fa0/0 (Config-if )#ip acces-group 1 in/out Remarque: De la condition la plus prcise la condition la plus gnrale. 0.0.0.255 -> masque gnrique = ! Masque rseau // pour permettre la connexion a tout le monde ACL 2 PERMIT 0.0.0.0 255.255.255.255 ACL 2 DENY 172.16.1.1 0.0.0.0 // refuser laccs a ladresse IP

ACL 2 DENY HOST 172.16.1.1 // pour spcifier que cest une machine et non pas un rseau ACL 2 PERMIT ANY ANY Router# Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostna Router(config)#hostname rabat rabat(config)#ser rabat(config)#service pas rabat(config)#enable secret rabat(config)#enable secret cisco rabat(config)# rabat(config)#line con 0 rabat(config-line)#p rabat(config-line)#pas rabat(config-line)#password cisco rabat(config-line)#login rabat(config-line)#exit rabat(config)#line vty 0 4 rabat(config-line)#p rabat(config-line)#pass rabat(config-line)#password cisco rabat(config-line)# rabat(config-line)#login rabat(config-line)#exit rabat(config)#ser rabat(config)#service pass rabat(config)#service password-encryption

rabat(config)#enable sec rabat(config)#enable secret cisco rabat(config)#exit %SYS-5-CONFIG_I: Configured from console by console rabat#exit rabat con0 is now available Press RETURN to get started. User Access Verification

Password:

rabat>enable Password: rabat#conf t Enter configuration commands, one per line. End with CNTL/Z. rabat(config)#enterf rabat(config)#conf t %Invalid hex value rabat(config)#interfa rabat(config)#interface f0/0 rabat(config-if)#ip add rabat(config-if)#ip address 192.168.14.1 255.255.255.0 rabat(config-if)#no sh rabat(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up rabat(config-if)#exit

rabat(config)#inter rabat(config)#interface s2/0 rabat(config-if)#ip rabat(config-if)#ip add rabat(config-if)#ip address 192.168.100.1 255.255.255.252 rabat(config-if)#clo rabat(config-if)#clock ra rabat(config-if)#clock rate 128000 rabat(config-if)#no sh rabat(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial2/0, changed state to down rabat(config-if)#ip dhcp poo rabat(config-if)#exit rabat(config)#ip rabat(config)#ip dh rabat(config)#ip dhcp p rabat(config)#ip dhcp pool lan1 rabat(dhcp-config)#netw rabat(dhcp-config)#network 192.168.14.0 255.255.255.0 rabat(dhcp-config)#default rabat(dhcp-config)#default-router 192.168.14.1 rabat(dhcp-config)#end %SYS-5-CONFIG_I: Configured from console by console rabat#wr Destination filename [startup-config]? Building configuration... [OK]

casa(config)#router rip casa(config-router)#ver casa(config-router)#version 2 casa(config-router)#networ casa(config-router)#network 192.168.15.0 casa(config-router)#network 192.168.100.0 casa(config-router)#? auto-summary Enter Address Family command mode

default-information Control distribution of default information distance exit network no Define an administrative distance Exit from routing protocol configuration mode Enable routing on an IP network Negate a command or set its defaults Suppress routing updates on an interface

passive-interface timers version

Adjust routing timers Set routing protocol version

casa(config-router)#au casa(config-router)#auto-summary casa(config-router)#pas casa(config-router)#passive-interface f0/0 casa(config-router)#end %SYS-5-CONFIG_I: Configured from console by console casa#wr Destination filename [startup-config]? Building configuration... [OK] casa#conf t

Enter configuration commands, one per line. End with CNTL/Z. casa(config)#acc casa(config)#access-list 20 de casa(config)#access-list 20 deny ho casa(config)#access-list 20 deny host 192.168.14.2 casa(config)#access-list 20 permit any casa(config)#inter casa(config)#interface f0/0 casa(config-if)#ip acc casa(config-if)#ip access-group 20 ou casa(config-if)#ip access-group 20 out casa(config-if)#end %SYS-5-CONFIG_I: Configured from console by console casa#wr Destination filename [startup-config]? Building configuration... [OK] casa# casa#conf t Enter configuration commands, one per line. End with CNTL/Z. casa(config)#acc casa(config)#access-list 20 de casa(config)#access-list 20 deny ho casa(config)#access-list 20 deny host 192.168.14.2 casa(config)#access-list 20 permit any casa(config)#inter casa(config)#interface f0/0 casa(config-if)#ip acc

casa(config-if)#ip access-group 20 ou casa(config-if)#ip access-group 20 out casa(config-if)#end %SYS-5-CONFIG_I: Configured from console by console casa#wr Destination filename [startup-config]? Building configuration... [OK] casa#

// pour liminer laccs liste bat#conf t Enter configuration commands, one per line. End with CNTL/Z. rabat(config)#no acc rabat(config)#inte rabat(config)#interface f0/0 rabat(config-if)#no a rabat(config-if)#no acc rabat(config-if)#no acc rabat(config-if)#no acce rabat(config-if)#no ip ac rabat(config-if)#no ip access-group 30 out rabat(config-if)#no ip access-group 30 out rabat(config-if)#no acc rabat(config-if)#exit rabat(config)#no a rabat(config)#no access-list 30 rabat(config)#end

%SYS-5-CONFIG_I: Configured from console by console rabat#wr Destination filename [startup-config]? Building configuration... [OK] rabat# // ACL 40 qui autorise le trafic venant uniquement des machines ayant une @IP paire 2 :0000 0010 3 :0000 0011 4 :0000 0100 192.168.14.0 0.0.0.254

casa# conf t casa(config)#access-list 40 permit 192.168.14.0 0.0.0.254 casa(config)#end casa#wr casa#conf t casa(config)#interface f0/0 casa(config-if)#ip access-group 40 out casa(config-if)#end casa#wr // ACL 50 qui autorise le trafic venant uniquement des machines ayant une @IP impaire casa#conf t casa(config)#access-list 50 permit 192.168.14.1 0.0.0.254 casa(config)#inter f0/0 casa(config-if)#ip acc

casa(config-if)#ip access-group 50 out casa(config-if)#end // ACL qui autorise la connexion des paires avec les impaires et refuse la connexion des mmes types (tendue) Acces list 114 permit tcp 192.168.14.0 0.0.0.254 0.0.0.254 Acces list 114 permit tcp 192.168.14.1 0.0.0.254 0.0.0.254 192.168.15.1 192.168.15.0

casa(config)#no access-list 40 casa(config)#exit casa#wr casa#conf t casa(config)#access-list 114 permit tcp 192.168.15.0 0.0.0.254 192.168.14.1 0.0.0.25 casa(config)#access-list 114 permit tcp 192.168.15.1 0.0.0.254 192.168.14.0 0.0.0.25 casa(config)#inter f0/0 casa(config-if)#ip access-group 114 in casa(config-if)#end casa#wr // ACL qui autorise la connexion des hosts du dpartement formation au serveur formation seulement et les hosts du dpartement commercial au serveur commercial rabat(config)#access-list 120 d rabat(config)#access-list 120 deny ip 192.168.14.0 0.0.0.255 host 192.168.16.3 rabat(config)#access-list 120 permit ip any any rabat(config)#interf f0/0 rabat(config-if)#ip rabat(config-if)#ip acc

rabat(config-if)#ip access-group 120 in rabat(config-if)#end rabat#wr // ACL nomme agadir(config)#ip access-list ex agadir(config)#ip access-list extended server agadir(config-ext-nacl)#deny ip host 192.168.16.2 192.168.15.0 0.0.0.255 agadir(config-ext-nacl)#deny ip host 192.168.16.3 192.168.14.0 0.0.0.255 agadir(config-ext-nacl)#permit ip any any agadir(config-ext-nacl)#exit agadir(config)#interf f0/0 agadir(config-if)#ip a agadir(config-if)#ip acc agadir(config-if)#ip access-group server % Incomplete command. agadir(config-if)#ip access-group server in agadir(config-if)#end %SYS-5-CONFIG_I: Configured from console by console agadir#wr

Switching
Interface vlan1 est une interface de gestion //crer des vlan Et leur atrribuer les interfaces suivantes : Vlan 10 : fa0/1, fa0/2, fa0/3 Vlan 20 : fa0/4, fa0/5, fa0/6

Vlan 30 : fa0/7, fa0/8, fa0/9

Switch>hos Switch>enable Switch>enable Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#host Switch(config)#hostname sw_a sw_a(config)#enable secret cisco sw_a(config)#line con 0 sw_a(config-line)#pas sw_a(config-line)#password cisco sw_a(config-line)#login sw_a(config-line)#exit sw_a(config)#line vty O 4 ^ % Invalid input detected at '^' marker.

sw_a(config)#line vty O 15 ^ % Invalid input detected at '^' marker.

sw_a(config)#line? line sw_a(config)#line vty? vty sw_a(config)#line vty 0 15 sw_a(config-line)#pas

sw_a(config-line)#password cisco sw_a(config-line)#login sw_a(config-line)#exit sw_a(config)#se sw_a(config)#service pass sw_a(config)#service password-encryption sw_a(config)#ip sw_a(config)#ip add sw_a(config)#? Configure commands: banner boot cdp clock enable end exit hostname interface ip line Define a login banner Boot Commands Global CDP configuration subcommands Configure time-of-day clock Modify enable password parameters Exit from configure mode Exit from configure mode Set system's network name Select an interface to configure Global IP configuration subcommands Configure a terminal line

mac-address-table Configure the MAC address table no service spanning-tree vlan vtp Negate a command or set its defaults Modify use of network based services Spanning Tree Subsystem

Vlan commands Configure global VTP state

sw_a(config)#vlan sw_a(config)#in sw_a(config)#interface ? Ethernet FastEthernet IEEE 802.3 FastEthernet IEEE 802.3

GigabitEthernet GigabitEthernet IEEE 802.3z Vlan Catalyst Vlans

sw_a(config)#interface vl sw_a(config)#interface vlan1 sw_a(config-if)#ip add sw_a(config-if)#ip address 192.168.1.1 255.255.255.0 sw_a(config-if)#no sw_a(config-if)#no sh sw_a(config-if)#no shutdown

%LINK-5-CHANGED: Interface Vlan1, changed state to up sw_a(config-if)#end %SYS-5-CONFIG_I: Configured from console by console sw_a#wr Destination filename [startup-config]? Building configuration... [OK] sw_a# %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up

sw_a# sw_a# sw_a#show ru sw_a#show running-config Building configuration...

Current configuration : 1002 bytes ! version 12.1 service password-encryption ! hostname sw_a ! enable secret 5 $1$13Vp$bAX2FK3JRWJhJ7wz.IET// ! ! ! interface FastEthernet0/1 ! interface FastEthernet0/2 ! interface FastEthernet0/3 ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6

! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20

! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 ! line con 0 password 7 104D000A0618 login ! line vty 0 4 password 7 104D000A0618 login line vty 5 15 password 7 104D000A0618 login ! ! end

sw_a#conf t

Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#line vty 0 15 sw_a(config-line)#pass sw_a(config-line)#password cisco sw_a(config-line)#login sw_a(config-line)#end %SYS-5-CONFIG_I: Configured from console by console sw_a#wr Destination filename [startup-config]? Building configuration... [OK] sw_a# sw_a# %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up sw_a#exit

sw_a con0 is now available

Press RETURN to get started.

User Access Verification

Password: % Password: timeout expired!

Password:

sw_a>cisco Translating "cisco"...domain server (255.255.255.255) % Name lookup aborted sw_a>enable Password: sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)# %SYS-5-CONFIG_I: Configured from console by console sw_a# %LINK-5-CHANGED: Interface FastEthernet0/2, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/3, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/4, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/5, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/5, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/4, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down %LINK-5-CHANGED: Interface FastEthernet0/4, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/5, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/6, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/6, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/9, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up sw_a#show vl sw_a#show vlan

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 1002 fddi-default 1003 token-ring-default 1004 fddinet-default active active active

1005 trnet-default

active

VLAN Type SAID Trans2

MTU Parent RingNo BridgeNo Stp BrdgMode Trans1

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1 enet 100001 1500 1500 1500 1500 1500 0 0 0 0 0 0 0 0 0 0

1002 enet 101002 1003 enet 101003 1004 enet 101004 1005 enet 101005

sw_a#show vlan brief

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#exit %SYS-5-CONFIG_I: Configured from console by console active active active active

sw_a#show ? arp cdp clock dtp flash: history hosts interfaces ip Arp table CDP information Display the system clock DTP information display information about flash: file system Display the session command history IP domain-name, lookup style, nameservers, and host table Interface status and configuration IP information

mac-address-table MAC forwarding table port-security running-config sessions spanning-tree startup-config tcp users version vlan vtp Show secure port information Current operating configuration Information about Telnet connections Spanning Tree Topology Contents of startup configuration

Status of TCP connections Display information about terminal lines System hardware and software status VTP VLAN status VTP information

sw_a#show flash Directory of flash:/

1 -rw-

3058048

<no date> c2950-i6q4l2-mz.121-22.EA4.bin

32514048 bytes total (29456000 bytes free)

sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#vlan 10 sw_a(config-vlan)#vlan 20 sw_a(config-vlan)#vlan 30 sw_a(config-vlan)#end %SYS-5-CONFIG_I: Configured from console by console sw_a#wr Destination filename [startup-config]? Building configuration... [OK] sw_a#show vlan brief

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 10 VLAN0010 20 VLAN0020 30 VLAN0030 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default active active active active active active active

sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#vlan 10 sw_a(config-vlan)#? VLAN configuration commands: exit Apply changes, bump revision number, and exit mode name Ascii name of the VLAN no Negate a command or set its defaults

sw_a(config-vlan)#name formation sw_a(config-vlan)#vlan 20 sw_a(config-vlan)#name commercial sw_a(config-vlan)#vlan 30 sw_a(config-vlan)#name production sw_a(config-vlan)#exit sw_a(config)#sh sw_a(config)#show sw_a(config)#showexit ^ % Invalid input detected at '^' marker.

sw_a(config)#end %SYS-5-CONFIG_I: Configured from console by console sw_a#show vlan br

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 10 formation 20 commercial 30 production 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#interface f0/1 sw_a(config-if)#? cdp Global CDP configuration subcommands active active active active active active active

description Interface specific description duplex exit Configure duplex operation. Exit from interface configuration mode

mac-address Manually set interface MAC address no Negate a command or set its defaults Shutdown the selected interface Configure speed operation.

shutdown speed

switchport Set switching mode characteristics

sw_a(config-if)#sw sw_a(config-if)#switchport mo

sw_a(config-if)#switchport mode acce sw_a(config-if)#switchport mode access sw_a(config-if)#SW sw_a(config-if)#SWitchport ac sw_a(config-if)#SWitchport access v sw_a(config-if)#SWitchport access vlan 10 sw_a(config-if)#interf f0/2 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan % Incomplete command. sw_a(config-if)#switchport access vlan 10 sw_a(config-if)#interf f0/3 sw_a(config-if)#siwtchport mode access ^ % Invalid input detected at '^' marker.

sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 10 sw_a(config-if)#end %SYS-5-CONFIG_I: Configured from console by console sw_a#wr Destination filename [startup-config]? Building configuration... [OK] sw_a#show vlan br sw_a#show vlan brief

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7

Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24 10 formation 20 commercial 30 production 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#vl sw_a(config)#vlan 20 sw_a(config-vlan)#interf f0/4 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 20 sw_a(config-if)#interf f0/5 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 20 sw_a(config-if)#interf f0/6 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 20 sw_a(config-if)#exit active active active active active active active Fa0/1, Fa0/2, Fa0/3

sw_a(config)#exit %SYS-5-CONFIG_I: Configured from console by console sw_a#wr Destination filename [startup-config]? Building configuration... [OK] sw_a#show vlan br

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/7, Fa0/8, Fa0/9, Fa0/10

Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24 10 formation 20 commercial 30 production 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default sw_a#conf t Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#vlan 30 sw_a(config-vlan)#interf f0/5 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport mode vlan 30 active active active active active active active Fa0/1, Fa0/2, Fa0/3 Fa0/4, Fa0/5, Fa0/6

^ % Invalid input detected at '^' marker.

sw_a(config-if)#switchport access vlan 30 sw_a(config-if)#vlan 20 sw_a(config-vlan)#interf f0/5 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 20 sw_a(config-if)#exit %SYS-5-CONFIG_I: Configured from console by console sw_a#show vlan br sw_a#show vlan brief

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/7, Fa0/8, Fa0/9, Fa0/10

Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24 10 formation 20 commercial 30 production 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default sw_a#conf t active active active active active active active Fa0/1, Fa0/2, Fa0/3 Fa0/4, Fa0/5, Fa0/6

Enter configuration commands, one per line. End with CNTL/Z. sw_a(config)#vlan 30 sw_a(config-vlan)#interf f0/7 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 30 sw_a(config-if)#interf f0/8 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 30 sw_a(config-if)#interf f0/8 sw_a(config-if)#interf f0/9 sw_a(config-if)#switchport mode access sw_a(config-if)#switchport access vlan 30 sw_a(config-if)#end %SYS-5-CONFIG_I: Configured from console by console sw_a#wr Destination filename [startup-config]? Building configuration... [OK] sw_a#show vlan brief

VLAN Name

Status

Ports

---- -------------------------------- --------- ------------------------------1 default active Fa0/10, Fa0/11, Fa0/12, Fa0/13

Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24 10 formation 20 commercial active active Fa0/1, Fa0/2, Fa0/3 Fa0/4, Fa0/5, Fa0/6

30 production 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default

active active

Fa0/7, Fa0/8, Fa0/9

active active active