| Please consider a donation to the Higher Intellect project. See https://preterhuman.net/donate.php or the Donate to Higher Intellect page for more info. |
Configuring Cisco Catalyst
Jump to navigation
Jump to search
en (to enable)
then enter passwork
Source: http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a008009478e.shtml#nativeios
You can create VLANs in either VLAN database mode or global configuration mode. You must create VLANs that are numbered higher than 1005 in global configuration mode. And the VTP mode must be set to transparent in order to create these VLANs. VLANs that are numbered higher than 1005 are not advertised by VTP. Furthermore, VLANs that are numbered higher than 1005 are stored in the switch configuration file and not in the VLAN .dat file. The default location of the VLAN .dat file in Catalyst 4000 Switches with Supervisor Engine IV is the cat4000_flash directory.
Switch#dir cat4000_flash:
Directory of cat4000_flash:/
1 -rw- 676 <no date> vlan.dat
524260 bytes total (523584 bytes free)
============================================================================================
The show vtp status command shows the VTP information in the switch.
Switch#show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 8
VTP Operating Mode : Server
VTP Domain Name : cisco
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xA4 0x18 0x78 0x52 0x5A 0x1B 0x2E 0x14
Configuration last modified by 0.0.0.0 at 5-28-01 05:17:02
Local updater ID is 10.10.10.1 on interface Vl1 (lowest numbered VLAN interface)
===============================================================================================
1.
Issue the show vlan command in order to check the VLAN information.
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/1, Gi1/2, Gi3/1, Gi3/2
Gi3/3, Gi3/4, Gi3/5, Gi3/6
Gi3/7, Gi3/8, Gi3/9, Gi3/10
Gi3/11, Gi3/12, Gi3/13, Gi3/14
Gi3/15, Gi3/16, Gi3/17, Gi3/18
!--- Output suppressed.
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
2.
Enter the correct mode, either database mode or global configuration mode.
In order to enter VLAN database mode, issue the vlan database command in privileged mode.
Switch#vlan database
Switch(vlan)#
3.
Issue the vlan vlan_number command in order to configure a VLAN.
Switch(vlan)#vlan 2
VLAN 2 added:
Name: VLAN0002
Switch(vlan)#apply
APPLY completed.
Note: For the configuration to take effect, you can either issue the apply command or exit out of VLAN database mode. The end keyword and Ctrl-Z exit methods do not work in VLAN database mode. Issue the exit command in order to exit out of VLAN database mode.
Issue these commands in order to perform the VLAN configuration in global configuration mode:
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#
4.
Issue the show run command in order to view VLANs that are numbered higher than 1005 in the running configuration.
Switch#show running-config
Building configuration...
Current configuration : 2975 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname Switch
!
!
ip subnet-zero
!
spanning-tree extend system-id
!
redundancy
mode rpr
main-cpu
auto-sync standard
!
!
vlan 2000
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
!--- Output suppressed.
In Cisco IOS Software, interfaces are in the shutdown state by default, unlike in CatOS-based switches. In CatOS, the port becomes active if it senses the presence of a physical link.
By default, Cisco IOS Software interfaces are Layer 2 interfaces on Catalyst 3550, 3750, and 4500 Series Switches. The interfaces are Layer 3 interfaces on Catalyst 6500/6000 Series Switches. You can configure the interface as a Layer 2 interface with the switchport command in interface configuration mode. You must issue this command before you assign an interface to a VLAN, if the interface is in Layer 3 mode. The command to assign an interface to a VLAN is switchport access vlan vlan_number .
Note: If the interface is configured as a Layer 3 interface, which means that the no switchport command is configured, you cannot assign the interface to a VLAN.
In order to associate the ports to VLANs in Cisco IOS Software, this minimum configuration is required:
Switch(config)#interface gigabitethernet 3/1
Switch(config-if)#switchport
!--- This command is required if the interface is in Layer 3 mode.
Switch(config-if)#switchport access vlan 2
Switch(config-if)#no shutdown
Issue the show interface gigabitethernet module/interface switchport command in order to check the Layer 2 interface status.
Switch#show interface gigabitethernet 3/1 switchport
Name: Gi3/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 2 (VLAN0002)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Voice VLAN: none (Inactive)
Appliance trust: none
Assign Multiple Ports to a Single VLAN
You can assign the multiple interfaces on a switch to a single VLAN. Issue these commands:
1.
Switch(config)#interface range fastethernet [mod/slot - mod/slot]
2.
Switch(config-if-range)#switchport access vlan vlan_number
3.
Switch(config-if-range)#switchport mode access
4.
Switch(config-if-range)#no shut
Note: The interface range command is not supported in all software releases. The interface range command is supported in Cisco IOS Software Release 12.1(13)EW and later.
Remove VLANs
In order to remove a VLAN from the VLAN database, issue the no vlan vlan_number command in either VLAN database mode or global configuration mode. This example uses the VLAN database mode to remove VLAN 2.
Switch#vlan database
Switch(vlan)#no vlan 2
Deleting VLAN 2...
Switch(vlan)#apply
APPLY completed.
The global configuration mode does not log any message on the console that indicates the deletion of the VLAN. However, you can issue the show vlan command in order to verify the deletion of the VLAN.
========================================================================================================================================================
Configure Vlan1:
# config t
then specify the interface you want to configure
# interface Vlan1
# ip address <IP_and_subnet_mask_here>
example:
# ip address 192.168.1.98 255.255.255.0
then to disable the box from auto-shutdown, type the following:
# no shutdown
Exit out of the 'config t' mode by typing 'exit' twice
LabSwitch(config-if)# exit
LabSwitch(config)# exit
then save your configuration by typing the following:
LabSwitch# write mem
you should now be able to log into the box via http://
Notes:
Understanding the VTP Domain:
VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the addition, deletion, and renaming of VLANs within a VTP domain. A VTP domain (also called a VLAN management domain) is made up of one or more network devices that share the same VTP domain name and that are interconnected with trunks. VTP minimizes misconfigurations and configuration inconsistencies that can result in a number of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations.
A VTP domain is made up of one or more interconnected network devices that share the same VTP domain name. A network device can be configured to be in only one VTP domain. You make global VLAN configuration changes for the domain using either the command-line interface (CLI) or Simple Network Management Protocol (SNMP).
TransparentóVTP transparent network devices do not participate in VTP. A VTP transparent network device does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, transparent network devices do forward VTP advertisements that they receive on their trunking LAN interfaces.