VLAN - Part 4 (How to Configure Cisco VLANs) - www.ipcisco.com : www.ipcisco.com
You can Reach Our "CCNA Lab Courses with Packet Tracer" on Udemy.!!!
cisco-packet-tracer-ccna-adventure-1- cisco-packet-tracer-ccna-adventure-2-
Content Protection by DMCA.com

How to Configure Cisco VLANs



To Configure Cisco VLAN, firstly create the VLAN with the VLAN ID and then give it a name;
(The standard VLAN number range is 1 to 1005. 1002 to 1005 is reserved for Token Ring and FDDI.And lastly 1006 to 4094 range is used by VTP transparent mode)

Switch A (config)# vlan 2
Switch A (config-vlan)# name SecondDepartment

To assign a port to a VLAN firstly make that port access(because it will be an access port) then assign it to the VLAN;

Switch A (config)# interface fa0/0
Switch A (config-if)# switchport mode access
Switch A (config-if)# switchport access vlan 2

To configure a trunk port manually (better than using DTP);

Switch A (config)# interface fa0/1
Switch A (config-if)# switchport mode trunk
Switch(config-if)# switchport nonegotiate

To configure a trunk by using DTP(Dynamic Trunking Protocol);
(to actively form a trunk by desirable and pasively wait the other end to form a trunk by auto)

Switch(config)# interface fa0/1
Switch(config-if)# switchport mode dynamic desirable
Switch(config-if)# switchport mode dynamic auto

To select frame tagging protocol (for VLAN transfer between swicthes):

Switch A (config-if)# switchport trunk encapsulation isl

OR

Switch A (config-if)# switchport trunk encapsulation dot1.q

OR (using DTP)

Switch A (config-if)# switchport trunk encapsulation negotiate

To configure VLANs that will be carried in the trunk:
(to do an allowed VLAN list for trunk, to remove a VLAN and to add a VLAN)

Switch A (config-if)# switchport trunk allowed vlan 2,3,4,5
Switch A (config-if)# switchport trunk allowed vlan remove 4
Switch A (config-if)# switchport trunk allowed vlan except 3-5
Switch A (config-if)# switchport trunk allowed vlan add 6
Switch A (config-if)# switchport trunk allowed vlan all		

Native VLAN Configuration on a trunk port:

Switch A (config)# interface fa0/1
Switch A (config-if)# switchport mode trunk 
Switch A (config-if)# switchport trunk native vlan 5

To make the trunk to tag Native VLAN:

Switch A (config)# vlan dot1q tag native
Switch A (config)# interface fa0/1
Switch A (config-if)# switchport trunk native vlan 6

To see the VLAN assignment, use the following commands:

Switch A # show vlan
Switch A # show vlan brief
Switch A # show interface trunk
Switch A # show interface fa0/1 switchport

If you do not see any port on the output of show vlan or show vlan brief commands, it means that, missing port is a trunk port.

Switch#show vlan 

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
2    VLAN0002                         active    Fa0/2, Fa0/3
3    VLAN0003                         active    Fa0/4
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
2    enet  100002     1500  -      -      -        -    -        0      0
3    enet  100003     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0   
1003 tr    101003     1500  -      -      -        -    -        0      0   
1004 fdnet 101004     1500  -      -      -        ieee -        0      0   

For summary VLAN information, you can use show vlan vrief command.

Switch#show vlan brief 

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
2    VLAN0002                         active    Fa0/2, Fa0/3
3    VLAN0003                         active    Fa0/4
1002 fddi-default                     active    
1003 token-ring-default               active    
1004 fddinet-default                  active    
1005 trnet-default                    active    

For a trunk port, you can check the port information like below:

Switch#show interfaces fastEthernet 0/1 switchport 
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false

For an access port, you can check the port information like below:

Switch#show interfaces fastEthernet 0/2 switchport 
Name: Fa0/2
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 2 (VLAN0002)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none

The output of show interfaces trunk command is below:

Switch#show interfaces trunk 
Port        Mode         Encapsulation  Status        Native vlan
Fa0/1       on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/1       2-4

Port        Vlans allowed and active in management domain
Fa0/1       2,3

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/1       2,3
Switch#

To Sum up…

To sum up to configure Cisco VLAN, you need to think and configure the following parts:

– Creating VLAN and naming that VLAN
– Assigning access port to the VLAN
– Trunk configuration (manual OR by DTP, desirable or auto)
– Frame-tagging protocol (ISL or dot1.q)
– Native VLAN
– Allowed VLANs on trunks
– Checking the configuration by Show commands


We will continue with a packet tracer example for VLAN configuration. Continue with the next post ;)

To learn mode about VLAN(Vİrtual Local Area Network)s, continue with the following posts ;)

VLAN – Part 1
VLAN – Part 2 (VLAN Assignments and VLAN Port Types)
VLAN – Part 3 (VLAN Frame Tagging Protocols, ISL and Dot1.q)
VLAN – Part 4 (How to Configure Cisco VLANs)
VLAN – Part 5 (Packet Tracer VLAN Configuration Example)
VLAN Configuration on Huawei Switches

Private VLANs
Private VLAN Cisco Configuration

What is Protected Port?

You can Reach Our "CCNA Lab Courses with Packet Tracer" on Udemy.!!!
cisco-packet-tracer-ccna-adventure-1- cisco-packet-tracer-ccna-adventure-2-



About the Author
Gokhan Kosem is a telecommunation and network engineer. His ambition to IP networks and end-to-end system installation made him to prepare this web-site. By sharing his experiences about various networking protocols beside different system installation experiences and Cisco, Juniper, Alcatel-Lucent devices configurations, he is aimed to be helpful for his collegues in all over the world. He is currently lives in Istanbul, Turkey.

Leave a Reply


Copy Protected by Chetan's WP-Copyprotect.