Friday, 1 February 2019

VLAN

VLAN

Open console of router by default you are in user mode
Switch>

Write command enable to enter privilege mode
Switch>enable                                
Switch#    

Write command configure terminal to enter global config mode
Switch
#configure terminal
Switch(config)#

All the configuration are done in  global config mode


Show all the vlan of a switch
Go to  privilege mode
Switch#

Enter command ->show valn
Switch#show valn

Create a vlan
Go to  global config mode
Switch(config)#

Enter command ->vlan vlanNumber
Switch(config)#vlan 50

 Enter command ->name vlanName
Switch(config-vlan)#name data

 Enter command ->exit for switching to global config mode
Switch(config-vlan)#exit


Assign ports of switch to a vlan
Go to  global config mode
Switch(config)#

Enter command ->interface interfaceName
Switch(config)#interface fa0/10

Enter command ->switchport mode access
Switch(config-if)#switchport mode access

Enter command ->switchport access vlan vlanNumber
Switch(config-if)#switchport access vlan 50
 
 Enter command ->exit for switching to global config mode
Switch(config-if)#exit

Assign IP address to vlan interface
Go to  global config mode
Switch(config)#

Enter command ->interface vlan vlanNumber
Switch(config)#interface valn 99

Enter command ->ip address VlanIP netMask 
Switch(config-if)#ip address 192.168.99.2 255.255.255.0

Enter command ->no shutdown
Switch(config-if)#no shutdown

Makeing a port trunk
Go to  global config mode
Switch(config)#

Enter command ->interface interfaceName
Switch(config)#interface fa0/10

Enter command ->switchport mode trunk
Switch(config-if)#switchport mode trunk

Enter command ->switchport trunk allowed valn from-to
Switch(config-if)#switchport trunk allowed valn 1-99
 
 Enter command ->exit for switching to global config mode
Switch(config-vlan)#exit

Config Native Vlan

Go to  global config mode
Switch(config)#

Enter command ->vlan vlanNumber
Switch(config-if)#vlan 80

Enter command ->name native
Switch(config-vlan)#name native

 Enter command ->switchport trunk native vlanNumber
Switch(config-vlan)#switchport trunk native 80

Show details of interfaces of switch
Go to  privilege mode
Switch#

Enter command ->show interfaces switch-port
Switch#show interfaces switch-port

Show details of spanning tress of switch
Go to  privilege mode
Switch#

Enter command ->show spanning-trees
Switch#show interfaces spanning-trees

Enable security on interfaces
Go to  global config mode
Switch(config)#

Enter command -> interface interface-name0/fromInt-ToInt
eg. Below command will configure interface 1 to 3
Switch(config)#interface range fa0/1-3

Change switch port mode to access  mode
Switch(config-if-range)#switchport mode access

Assign vlan interfaces to a vlan (this command automatically creates vlan if they does not exist)
Switch(config-if-range)#switchport mode access vlan 22

 Disable CDP on all port
Switch(config-if-range)#no cdp enable

Enable BPDU gaurd
Switch(config-if-range)#spanning-tree bpduguard enable

Close
Switch(config-if-range)#shutdown

Access security on port  
Go to  global config mode
Switch(config)#

Enter command -> interface interface-name0/fromInt-ToInt
eg. Below command will configure interface 1 to 3
Switch(config)#interface range fa0/1-3

Enter command ->switchport port-security maximum num
Here num is number of mac or devices allowed in single port
Switch(config-if-range)#switchport port-security maximum 1

Enter command ->switchport port-security violation shutdown
It will shutdown interface on voilation of  security
Switch(config-if-range)#switchport port-security violation shutdown


Enter command ->strom-control broadcast level percentage
Here percentage in amount of broadcast traffic allowed  
Switch(config-if-range)#strom-control broadcast level 75
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)