Net201: Networking With Lab 2: Configuring and Troubleshooting Vlans and Trunking

NET201: Networking with Lab 2
Configuring and Troubleshooting VLANs and Trunking

Laboratory Exercise # 2
GRADE
Group No. : ____ Signature
Leader: LIWANAG, JAMES RYAN C. ___________________

Members :
RODELAS, LYKA B. ___________________
STA MONICA, MATTHEW C. ___________________
Date Performed : 15 September 2019

Date Submitted : 17 September 2019
MR. LEONARDO ANTIVO

(Lab Instructor)
OBJECTIVES AND MATERIALS
Objectives:
After this laboratory, students should be able to:
1. build the network and configure basic device settings,

2. create VLANs and assign switch ports,
3. maintain VLAN port assignments and the VLAN database,
4. configure an 802.1Q trunk between the switches,
5. delete the VLAN database, and
6. troubleshoot VLAN.
Materials:
QUANTITY PART DESCRIPTION

NUMBER
Working Personal Computer (PC)
1 - with Installed Cisco Packet Tracer
Software
Scenario:
Modern switches use virtual local-area networks (VLANs) to improve

network performance by separating large Layer 2 broadcast domains into smaller
ones. VLANs can also be used as a security measure by controlling which hosts
can communicate. In general, VLANs make it easier to design a network to
support the goals of an organization.
VLAN trunks are used to span VLANs across multiple devices. Trunks
allow the traffic from multiple VLANS to travel over a single link, while keeping
the VLAN identification and segmentation intact.
In this lab, you will create VLANs on both switches in the topology, assign
VLANs to switch access ports, verify that VLANs are working as expected, and
then create a VLAN trunk between the two switches to allow hosts in the same
VLAN to communicate through the trunk, regardless of which switch the host is
actually attached to.
Note: The switches used are Cisco Catalyst 2960s with Cisco IOS Release
15.0(2). Other switches and Cisco IOS versions can be used. Depending on the
model and Cisco IOS version, the commands available and output produced
might vary from what is shown in the labs. Also, ensure that the switches have
been erased and have no startup configurations.
PROCEDURES
PART 1 – Configuring VLANs and Trunking
Task 1. Build the Network and Configure Basic Device Settings.

1. Cable the network topology as shown in Figure 2.1 using Packet Tracer network
simulator software.
2. Initialize and reload the router and switch. Note: If configuration files were
previously saved on the router or switch, initialize and reload these devices back
to their default configurations (Reminders: Capture all the outputs since they
part of your data results).
3. Configure basic settings for each switch.
3.1. Console into the switch and enter global configuration mode.
3.2. Execute the basic configuration on each switch such as:
a. Configure the host name as shown in the topology,
b. Disable IP domain lookup,
c. Enable password encryption,
d. Provide enable password (DCE_SW = “dce”, DBA_SW = “dba”)
e. Include message of the day banner (DCE_SW = “This is DCE office,
unauthorized access is strictly prohibited” and DBA_SW = “This DBA
office, unauthorized access is strictly prohibited”)
f. Provide a password for console 0 and virtual terminal type 0 to 15 during
login (DCE_SW = “dcesilver” and DBA_SW = “dbatiger”)
3.3. Configure the IP address listed in the addressing table p12resented in Table
2.2 for VLAN 1 on the switch.
3.4. Administratively deactivate all unused ports on the switch.
3.5. Copy the running configuration to the startup configuration.
4. Configure PC hosts (Refer to the addressing table (Table 2.1) for PC host
address information)
5. Test connectivity. Verify that the PC hosts can ping one another.
5.1. Can DBA-PC ping DCE-PC1? (yes/no) _____
5.2. Can DBA-PC ping DCE-PC2? (yes/no) _____
5.3. Can DBA-PC ping DBA_SW VLAN1? (yes/no) _____
5.4. Can DCE-PC1 ping DCE-PC2? (yes/no) _____
5.5. Can DCE-PC1 ping DCE_SW VLAN1? (yes/no) _____
5.6. Can DCE-PC2 ping DCE_SW VLAN1? (yes/no) _____
5.6. Can DBA_SW and DCE_SW VLAN1’s? (yes/no) _____
If you answered no to any of the above questions, why were the pings
unsuccessful?
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
Task 2. Create VLANs and Assign Switch Ports

In task 2, you will create STUDENT, FACULTY, and MANAGEMENT VLANs on both
switches. You will then assign the VLANs to the appropriate interface. The show VLAN
command is used to verify your configuration settings.
1. Create VLANs on the switches.
1.1. Create the VLANs on DBA_SW.
1.2. Create the same VLANs on DCE_SW.
1.3. Issue the show vlan command to view the list of VLANs on DBA_SW.
1.4. Repeat (c) to view the list of VLANs on DCE_SW.
What is the default VLAN? ___________

What ports are assigned to the default VLAN?
________________________________________________________________
________________________________________________________________
________________________________________________________________
2. Assign VLANs to the correct switch interfaces.

2.1. Assign DBA-PC to the STUDENT VLAN.
DBA_SW> en
DBA_SW# conf t
DBA_SW(config)# int fa0/6
DBA_SW(config-if)# switchport mode access
DBA_SW(config-if)# switchport access vlan 10
DBA_SW(config-if)# end
DBA_SW#
2.2. Move the switch IP address VLAN 99 (MANAGEMENT VLAN).

DBA_SW> en
DBA_SW# conf t
DBA_SW(config)# int vlan 1
DBA_SW(config-if)# no ip add
DBA_SW(config-if)# int vlan 99
DBA_SW(config-if)# ip add 192.168.1.11 255.255.255.0
DBA_SW#
3. Issue the show vlan brief command and verify that the VLANs are assigned
to the correct interfaces.
4. Issue the show ip interface brief command.
What is the status of VLAN 99? Why?

________________________________________________________________
________________________________________________________________
5. Use the network topology to assign VLANs to the appropriate ports on DCE_SW.
6. Remove the IP address for VLAN 1 on DCE_SW.
7. Configure an IP address for VLAN 99 on DCE_SW according to the addressing
table in Table 2.1.
8. Use the show vlan brief command to verify that the VLANs are assigned to
the correct interfaces.
9. Verify the connectivity using ping command and observe the output.
Is DBA-PC able to ping DCE-PC1? Why?
________________________________________________________________
________________________________________________________________
Is DBA_SW able to ping DCE_SW? Why?
________________________________________________________________
________________________________________________________________
Task 3. Maintain VLAN Port Assignments and the VLAN Database

In task 3, you will change VLAN assignments to ports and remove VLANs from the
VLAN database.
1. Assign a VLAN to multiple interfaces.
1.1. On DBA_SW, assign interfaces from fa0/11 to fa0/24 to VLAN 10 using int
range command.
1.2. Issue the show vlan brief command to verify VLAN assignments.
1.3. Reassign Fa0/11 and Fa0/21 to VLAN 20.
1.4. Use show vlan brief to verify that VLAN assignments are correct.
2. Remove a VLAN assignment from an interface.
2.1. Use the no switchport access vlan command to remove the VLAN
10 assignment to Fa0/24.
DBA_SW> en
DBA_SW# conf t
DBA_SW(config-if)# no switchport access vlan
2.2. Use show vlan brief to verify that the VLAN change was made.
Which VLAN is Fa0/24 now associated with?
____________________________________________________________
____________________________________________________________
3. Remove a VLAN ID from the VLAN database.
3.1. Add VLAN 30 to interface Fa0/24 without issuing the VLAN command.
DBA_SW> en
DBA_SW# conf t
DBA_SW(config-if)# switchport access vlan 30
Note: Current switch technology no longer requires that the vlan command be
issued to add a VLAN to the database. By assigning an unknown VLAN to a port,
the VLAN adds to the VLAN database.
3.2. Verify that the new VLAN is displayed in the VLAN table.
What is the default name of VLAN 30?
____________________________________________________________
3.3. In the global configuration mode, issue a no vlan 30 command to

remove VLAN 30 from the VLAN database.
3.4. Issue the show vlan brief command. Fa0/24 was assigned to VLAN
30.
____________________________________________________________
Note: Before removing a VLAN from the database, it is recommended that you
reassign all the ports assigned to that VLAN.
Why should you reassign a port to another VLAN before removing the VLAN
from the VLAN database?
________________________________________________________________
________________________________________________________________
________________________________________________________________
Task 4. Configure an 802.1Q Trunk Between the Switches

In task 4, you will configure interface Fa0/1 of DBA_SW to use the Dynamic Trunking
Protocol (DTP) to allow it to negotiate the trunk mode. After this has been accomplished
and verified, you will disable DTP on interface Fa0/1 and manually configure it as a
trunk.
1. Use DTP to initiate trunking on Fa0/1.
The default DTP mode of a 2960 switch port is dynamic auto. This allows
the interface to convert the link to a trunk if the neighboring interface is set to
trunk or dynamic desirable mode.
1.1. Set Fa0/1 on DBA_SW to negotiate trunk mode.
DBA_SW> en
DBA_SW# conf t
DBA_SW(config)# int f0/1
DBA_SW(config-if)# switchport mode dynamic desirable
DBA_SW#
Note: You should also receive link status messages on DCE_SW. Check this in
DCE_SW command-line interface (CLI).
1.2. Issue the show vlan brief command on DBA_SW and DCE_SW.
Interface Fa0/1 is no longer assigned to VLAN 1. Trunked interfaces are not
listed in the VLAN table.
1.3. In the global configuration mode, issue the show interfaces trunk
command to view trunked interfaces on each switch. Notice that the mode
on DBA_SW is set to desirable, and the mode on DCE_SW is set to auto.
Note: By default, all VLANs are allowed on a trunk. The switchport trunk
command allows you to control what VLANs have access to the trunk. For this
lab, keep the default settings which allows all VLANs to traverse Fa0/1.
1.4. Verify that VLAN traffic is traveling over trunk interface Fa0/1.
a. Can DBA_SW ping DCE_SW? (yes/no) _____
b. Can DBA-PC ping DCE-PC1? (yes/no) _____
c. Can DBA-PC ping DCE_PC2? (yes/no) _____
d. Can DCE-PC1 ping DCE-PC2? (yes/no) _____
e. Can DBA-PC ping DBA_SW? (yes/no) _____
f. Can DCE-PC1 ping DCE_SW? (yes/no) _____
g. Can DCE_PC2 and DCE_SW? (yes/no) _____
If you answered no to any of the above questions, explain below.

________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
________________________________________________________________
2. Manually configure trunk interface Fa0/1.

The switchport mode trunk command is used to manually configure a
port as a trunk. This command should be issued on both ends of the link.
2.1. Change the switchport mode on interface Fa0/1 to force trunking. Make
sure to do this on both switches.
DBA_SW> en
DBA_SW# conf t
DBA_SW(config-if)# switchport mode trunk
DBA_SW#
2.2. Issue the show interfaces trunk command to view the trunk mode in
DCE_SW. Notice that the mode changed from desirable to on.
Why might you want to manually configure an interface to trunk mode instead of
using DTP?
________________________________________________________________
________________________________________________________________
________________________________________________________________
Task 5. Delete the VLAN Database

In task 5, you will delete the VLAN Database from the switch. It is necessary to do
this when initializing a switch back to its default settings.
1. Determine if the VLAN database exists. Issue the show flash command to
determine if a vlan.dat file exists in flash.
Note: If there is a vlan.dat file located in flash, then the VLAN database does not
contain its default settings.
2. Delete the VLAN database.
DBA_SW> en
DBA_SW# delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:/vlan.dat? [confirm]
DBA_SW#
DCE_SW> en
DCE_SW# delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:/vlan.dat? [confirm]
DCE_SW#
3. Issue the show flash command to verify that the vlan.dat file has been
deleted.
To initialize a switch back to its default settings, what other commands are
needed?
________________________________________________________________
________________________________________________________________
________________________________________________________________
4. Save your Packet Tracer file as NET201 Lab 2a – Group#
PART 2 – Troubleshooting VLAN Configurations
Task 1. Build the Network and Configure Basic Device Settings

In task 1, you will set up the network topology and configure the switches with some
basic settings, such as passwords and IP addresses. Preset VLAN-related
configurations, which contain errors, are provided for you for the initial switch
configurations. You will also configure the IP settings for the PCs in the topology.
1. Cable the network topology as shown in Figure 2.2.
2. Configure PC hosts.
3. Initialize and reload the switches as necessary.
4.1. Disable DNS lookup.
4.2. Configure the IP address according to the addressing table in Table 2.2 and
Table 2.3.
4.3. Assign (“dcesilver” at DCE_SW and “dastegreen” at DASTE_SW) as the
console and vty passwords and enable login for console and vty lines.
4.4. Assign (“dce” at DCE_SW and “daste” at DASTE_SW) as the privileged
EXEC password.
4.5. Configure logging synchronous to prevent console messages from
interrupting command entry.
5. Load switch configurations. The configurations for the switches DCE_SW and
DASTE_SW are provided for you. There are errors within these configurations,
and it is your job to determine the incorrect configurations and correct them.
From global configuration mode, copy and paste the switch configuration below.
5.1. DCE switch with error configuration:
vlan 10
name STUDENTS
vlan 2
!vlan 20
name FACULTY
vlan 30
name GUEST
interface range fa0/1-24
switchport mode access
shutdown
!interface fa0/1
!switchport mode trunk
!no shutdown
!interface range fa0/6-12
switchport access vlan 10
!switchport access vlan 20
end
5.2. DASTE switch with error configuration:

vlan 10
name STUDENTS
vlan 20
name FACULTY
vlan 30
name GUEST
interface fa0/1
switchport mode trunk
switchport trunk allowed vlan 1,10,2,30
!switchport trunk allowed vlan 1,10,20,30
switchport mode access
shutdown
!interface range fa0/6-12
!switchport access vlan 10
shutdown
end
6. Copy the running configuration to the startup configuration.
Task 2. Troubleshoot VLAN 10

In task 2, you must examine VLAN 10 on DCE_SW and DASTE_SW to
determine if it is configured correctly. You will troubleshoot the scenario until connectivity
is established.
1. Troubleshoot VLAN 10 on DCE_SW.
1.1. Can DCE-PC ping DCE-PC1? (yes/no) _____
1.2. After verifying that DCE-PC was configured correctly, examine the
DCE_SW switch to find possible configuration errors by viewing a summary
of the VLAN information. Enter the show vlan brief command.
Are there any problems with the VLAN configuration?
________________________________________________________________
1.3. Examine the switch for trunk configurations using the show interfaces
trunk and the show interfaces fa0/1 switchport commands.
Are there any problems with the trunking configuration?

________________________________________________________________
1.4. Examine the running configuration of the switch to find possible
configuration errors. Are there any problems with the current configuration?
Are there any problems with the current configuration?

________________________________________________________________
________________________________________________________________
1.5. Correct the errors found regarding Fa0/1 and VLAN 10 on DCE_SW.
DCE_SW> en
DCE_SW# conf t
DCE_SW(config)# interface fa0/1
DCE_SW(config-if)# no shutdown
DCE_SW(config-if)# switchport mode trunk
DCE_SW(config-if)# interface fa0/6
DCE_SW(config-if)# switchport access vlan 10
DCE_SW(config-if)# end
DCE_SW#
1.6. Verify the commands had the desired effects by issuing the appropriate
show commands such as show interfaces trunk and show vlan
brief.
Can DCE-PC ping DASTE_PC1?

________________________________________________________________
2. Troubleshoot VLAN 10 on DASTE_SW.

2.1. Using the previous commands, examine the DASTE_SW switch to find
possible configuration errors.

________________________________________________________________
2.2. Correct the errors found regarding interfaces and VLAN 10 on

DASTE_SW.
DASTE_SW> en
DASTE_SW# conf t
DASTE_SW(config)# interface range fa0/6-12
DASTE_SW(config-if)# switchport access vlan 10
DASTE_SW(config-if)# interface fa0/11
DASTE_SW(config-if)# no shutdown
DASTE_SW(config-if)# end
DASTE_SW#
Can DCE-PC ping DASTE-PC1? (yes/no) _____
Task 3. Troubleshoot VLAN 20

In task 3, you must examine VLAN 20 on DCE_SW and DASTE_SW to
determine if it is configured correctly. To verify functionality, you will reassign DCE-PC
into VLAN 20, and then troubleshoot the scenario until connectivity is established.
1. Assign DCE-PC to VLAN 20.
1.1. On DCE-PC, change the IP address to 192.168.20.2 /24 with a default
gateway of 192.168.20.1.
1.2. On DCE_SW, assign the port for DCE-PC to VLAN 20. Execute the
commands needed to complete the configuration.
1.3. Issue a show vlan brief to verify that the port for DCE-PC has been
assigned to VLAN 20.
Can DCE-PC ping DASTE-PC2? (yes/no) Why?
________________________________________________________________
________________________________________________________________

2.1. Using the previous commands, examine the DCE_SW switch to find
________________________________________________________________
________________________________________________________________
________________________________________________________________
2.2. Correct the errors found regarding VLAN 20.
DCE> en
DCE_SW# conf t
DCE_SW(config)# no vlan 2
DCE_SW(config)# vlan 20
DCE_SW(config-vlan)# name FACULTY
DCE_SW(config)# int range fa0/13-18
DCE_SW(config-if-range)# switchport access vlan 20
DCE_SW(config-if-range)# end
DCE_SW#

________________________________________________________________
________________________________________________________________
________________________________________________________________
3.1. Using the previous commands, examine the DASTE_SW switch to find
________________________________________________________________
________________________________________________________________
3.2. Correct the errors found regarding VLAN 20. Issue the commands used
below.
DASTE_SW> en
DASTE_SW# conf t
DASTE_SW(config)# int fa0/18
DASTE_SW(config-if)# exit
DASTE_SW(config-if)# switchport trunk allowed vlan remove 2
DASTE_SW(config-if)# switchport trunk allowed vlan add 20
DASTE_SW#

________________________________________________________________
________________________________________________________________
________________________________________________________________
Note: It may be necessary to disable the PC firewall to ping between PCs.
4. Save your Packet Tracer file as NET201 Lab 2b – Group#
NETWORK TOPOLOGY DIAGRAM
Figure 2.1. Switch environment network diagram for Part 1

DATA RESULTS
Table 2.1. Summary of network device interface IP addresses

SUBNET DEFAULT
NETWORK DEVICE INTERFACE IP ADDRESS
ADDRESS GATEWAY
DBA_SW VLAN 1 192.168.1.11 255.255.255.0 NA
DCE_SW VLAN 1 192.168.1.12 255.255.255.0 NA
DBA-PC NIC 192.168.10.3 255.255.255.0 192.168.10.1
DCE-PC1 NIC 192.168.10.4 255.255.255.0 192.168.10.1
DCE-PC2 NIC 192.168.20.3 255.255.255.0 192.168.20.1
Table 2.2. Summary of network device interface IP addresses

SUBNET DEFAULT
NETWORK DEVICE INTERFACE IP ADDRESS
ADDRESS GATEWAY
DCE_SW VLAN 1 192.168.1.2 255.255.255.0 NA
DASTE_SW VLAN 1 192.168.1.3 255.255.255.0 NA
DCE-PC NIC 192.168.10.2 255.255.255.0 192.168.10.1
DASTE-PC1 NIC 192.168.10.3 255.255.255.0 192.168.10.1
DASTE-PC2 NIC 192.168.20.3 255.255.255.0 192.168.20.1
Table 2.3. Summary of Switch Port Assignment Specifications

INTERFACE PORT ASSIGNEMENT DEFAULT GATEWAY
Fa0/1 802.1Q Trunk NA
Fa0/6-12 VLAN 10 - STUDENTS 192.168.10.0 /24
Fa0/13-18 VLAN 20 - FACULTY 192.168.20.0 /24
Fa0/19-24 VLAN 30 - GUEST 192.168.30.0 /24
Part 1 - Configuring VLANs and Trunking

Task 1. Set Up the Topology and Initialize Devices (CLI commands, results, or
answers to some question)
1. Cable the network topology as shown in Figure 2.1 using Packet Tracer
network simulator software.
2. Initialize and reload the router and switch.

DBA_SW
DCE_SW
3.1. Console into the switch and enter global configuration mode.
3.2. Execute the basic configuration on each switch such as:

a. Configure the host name as shown in the topology,
b. Disable IP domain lookup,

c. Enable password encryption,
d. Provide enable password (DCE_SW = “dce”, DBA_SW = “dba”)
e. Include message of the day banner (DCE_SW = “This is DCE

office, unauthorized access is strictly prohibited” and DBA_SW =
“This DBA office, unauthorized access is strictly prohibited”)
f. Provide a password for console 0 and virtual terminal type 0 to 15
during login (DCE_SW = “dcesilver” and DBA_SW = “dbatiger”)
3.3. Configure the IP address listed in the addressing table p12resented
in Table 2.2 for VLAN 1 on the switch.
3.4. Administratively deactivate all unused ports on the switch.
3.5. Copy the running configuration to the startup configuration.
4. Configure PC hosts (Refer to the addressing table (Table 2.1) for PC host
address information)
5. Test connectivity. Verify that the PC hosts can ping one another.
5.1. Can DBA-PC ping DCE-PC1? YES
5.2. Can DBA-PC ping DCE-PC2? NO

5.3. Can DBA-PC ping DBA_SW VLAN1? NO
5.4. Can DCE-PC1 ping DCE-PC2? NO

5.5. Can DCE-PC1 ping DCE_SW VLAN1? NO
5.6. Can DCE-PC2 ping DCE_SW VLAN1? NO

5.6. Can DBA_SW and DCE_SW VLAN1’s? YES
If you answered no to any of the above questions, why were the pings
unsuccessful?
The ping between DBA-PC and DCE-PC2, DBA-PC and DBA_SW
VLAN1, DCE-PC1 ping DCE-PC2, DCE-PC1 and DCE_SW VLAN1, DCE-
PC2 ping DCE_SW VLAN1, were unsuccessful pings because the device
where ping on a different subnets. While the ping between DBA-PC and
DCE-PC1, and DBA_SW and DCE_SW VLAN1’s were successful
because their default gateway exists to route from one subnet and to
another subnet.
Task 2. Configure Basic Device Settings and Verify Connectivity (CLI

commands, results, or answers to some question)
1. Create VLANs on the switches.
1.5. Create the VLANs on DBA_SW.

1.6. Create the same VLANs on DCE_SW.
1.7. Issue the show vlan command to view the list of VLANs on
DBA_SW.
1.8. Repeat (c) to view the list of VLANs on DCE_SW.
What is the default VLAN? VLAN 1

What ports are assigned to the default VLAN?
The ports that are assigned to the default VLAN are Fa0/1, Fa0/2,
Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12,
Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21,
Fa0/22, Fa0/23, Fa0/24. To summarize all of the ports are assigned to
VLAN 1 by default.
1. Assign a VLAN to multiple interfaces.

1.1. On DBA_SW, assign interfaces from fa0/11 to fa0/24 to VLAN 10
using int range command.
1.2. Issue the show vlan brief command to verify VLAN assignments.
1.3. Reassign Fa0/11 and Fa0/21 to VLAN 20.

1.4. Use show vlan brief to verify that VLAN assignments are correct.
2. Remove a VLAN assignment from an interface.

2.1. Use the no switchport access vlan command to remove the VLAN
10 assignment to Fa0/24.
2.2. Use show vlan brief to verify that the VLAN change was made.
Which VLAN is Fa0/24 now associated with?
- Fa0/24 is now associated with VLAN 1 the default VLAN.
3. Remove a VLAN ID from the VLAN database.
3.1. Add VLAN 30 to interface Fa0/24 without issuing the VLAN
command.
3.2. Verify that the new VLAN is displayed in the VLAN table.
What is the default name of VLAN 30?
VLAN30-MANAGEMENT
3.3. In the global configuration mode, issue a no vlan 30 command to
remove VLAN 30 from the VLAN database.
3.4. Issue the show vlan brief command. Fa0/24 was assigned to VLAN
30.
Why should you reassign a port to another VLAN before removing the
VLAN from the VLAN database?
We should reassign the port to another VLAN before removing the
VLAN from the VLAN database because the interface port assigned to the
VLAN 30 which is removed from the VLAN database are unavailable for
the port will used it should be assigned to another VLAN.

1. Use DTP to initiate trunking on Fa0/1

1.1. Set Fa0/1 on DBA_SW to negotiate trunk mode.
1.2. Issue the show vlan brief command on DBA_SW and DCE_SW.
Interface Fa0/1 is no longer assigned to VLAN 1. Trunked
interfaces are not listed in the VLAN table.
DBA_SW
1.3. In the global configuration mode, issue the show interfaces trunk
command to view trunked interfaces on each switch. Notice that the
mode on DBA_SW is set to desirable, and the mode on DCE_SW
is set to auto.
1.4. Verify that VLAN traffic is traveling over trunk interface Fa0/1.
a. Can DBA_SW ping DCE_SW? (yes/no) YES
b. Can DBA-PC ping DCE-PC1? (yes/no) YES
c. Can DBA-PC ping DCE_PC2? (yes/no) NO

d. Can DCE-PC1 ping DCE-PC2? (yes/no) NO
e. Can DBA-PC ping DBA_SW? (yes/no) NO

f. Can DCE-PC1 ping DCE_SW? (yes/no) NO
g. Can DCE_PC2 and DCE_SW? (yes/no) NO

If you answered no to any of the above questions, explain below.
DCE-PC2 cannot ping the two of the PC’s which is the DCE-PC
and DCE-PC1 because DCE-PC2 is in a different VLAN. Also the
switches are in VLAN’s that the PCs that’s why the pings were
unsuccessful.
2. Manually configure trunk interface Fa0/1.

2.1. Change the switchport mode on interface Fa0/1 to force trunking.
Make sure to do this on both switches.
2.2. Issue the show interfaces trunk command to view the trunk mode in
DCE_SW. Notice that the mode changed from desirable to on.
Why might you want to manually configure an interface to trunk mode

instead of using DTP?
We manually configure an interface to trunk mode instead of using
DTP because not all equipment’s are using Dynamic Trunking Protocol.
With the use of switchport mode trunk command it ensures that the port
will become a trunk whatever type of equipment is connected to the link.
1. Determine if the VLAN database exists. Issue the show flash command to
determine if a vlan.dat file exists in flash.
2. Delete the VLAN database.
3. Issue the show flash command to verify that the vlan.dat file has been
deleted.
To initialize a switch back to its default settings, what other commands are
needed?
The other commands are needed to initialize a switch back to its
default settings is erase startup-config and reload commands. It is also
needed command issued after the delete vlan.dat command.
4. Save your Packet Tracer file as NET201 Lab 2a – Group#

Part 2 - Troubleshooting VLAN Configurations
Task 1. Set Up the Topology and Initialize Devices (CLI commands, results, or
answers to some question)
1. Cable the network topology as shown in Figure 2.2.

2. Configure PC hosts.
3. Initialize and reload the switches as necessary.
DCE_SW
Switch> en
Switch# sh run
Building configuration...
Current configuration : 971 bytes

!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
end
Switch#
DASTE_SW
Switch> en
Switch# sh run
Current configuration : 971 bytes

!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
spanning-tree mode pvst
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
end
4. Configure basic settings for each switch

DCE_SW
Switch> en
Switch# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# hostname DCE_SW
DASTE_SW
Switch> en
Switch#conf t
Switch(config)# hostname DASTE_SW
DASTE_SW(config)#
4.1. Disable DNS lookup.

DCE_SW
DCE_SW(config)# no ip domain-look up
DASTE_SW
DASTE_SW(config)# no ip domain-look up
4.2. Configure the IP address according to the addressing table in Table

2.2 and Table 2.3.
DCE_SW
DCE_SW# conf t
DCE_SW(config)# int vlan 1
DCE_SW(config-if)# ip add 192.168.1.2 255.255.255.0
DCE_SW(config-if)# no shut
DCE_SW(config-if)#
%LINK-5-CHANGED: Interface Vlan1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to

up
DASTE_SW
DASTE_SW# conf t
DASTE_SW(config)# int vlan 1
DASTE_SW(config-if)# ip add 192.168.1.3 255.255.255.0
DASTE_SW(config-if)# no shut
DASTE_SW(config-if)#
%LINK-5-CHANGED: Interface Vlan1, changed state to up

up
4.3. Assign (“dcesilver” at DCE_SW and “dastegreen” at DASTE_SW)

as the console and vty passwords and enable login for console and
vty lines.
DCE_SW
DCE_SW(config)# line con 0
DCE_SW(config-line)# password dcesilver
DCE_SW(config-line)# login
DCE_SW(config-line)# exit
DCE_SW(config)# line vty 0 15
DCE_SW(config)# end
DCE_SW#
%SYS-5-CONFIG_I: Configured from console by console
DASTE_SW
DASTE_SW(config)# line con 0
DASTE_SW(config-line)# password dastegreen
DASTE_SW(config-line)# login
DASTE_SW(config-line)# exit
DASTE_SW(config)# line vty 0 15
DASTE_SW(config)#end
4.4. Assign (“dce” at DCE_SW and “daste” at DASTE_SW) as the
privileged EXEC password.
DCE_SW
DCE_SW(config)# service password-encryption
DCE_SW(config)# enable password dce
DASTE_SW
DASTE_SW(config)# service password-encryption
DASTE_SW(config)# enable password daste
4.5. Configure logging synchronous to prevent console messages from

interrupting command entry.
DCE_SW
DCE_SW(config)# line con 0
DCE_SW(config-line)# logging synchronous
DCE_SW(config-line)# line vty 0 15
DCE_SW(config-line)# logging synchronous
DCE_SW(config)# end
DCE_SW#
DCE_SW#
DASTE_SW
DASTE_SW(config)# line con 0
DASTE_SW(config-line)# logging synchronous
DASTE_SW(config-line)# line vty 0 15
DASTE_SW(config)# end
DASTE_SW#
5. Load switch configurations. The configurations for the switches DCE_SW

and DASTE_SW are provided for you. There are errors within these
configurations, and it is your job to determine the incorrect configurations
and correct them. From global configuration mode, copy and paste the
switch configuration below.
5.1. DCE switch with error configuration:
DCE_SW
DCE_SW# conf t
DCE_SW(config-vlan)# name STUDENTS
DCE_SW(config-vlan)# vlan 2
DCE_SW(config-vlan)# !vlan 20
VLAN #20 and #2 have an identical name: FACULTY
DCE_SW(config-vlan)# vlan 30
DCE_SW(config-vlan)# name GUEST
DCE_SW(config)# !int range fa0/1-24
DCE_SW(config-if-range)# switchport mode access
DCE_SW(config-if-range)# shutdown
DCE_SW(config-if-range)# !interface fa0/1
DCE_SW(config-if)# !switchport mode trunk
DCE_SW(config-if)# !no shutdown
DCE_SW(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1,

changed state to up
up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state

to up
DCE_SW(config-if)# int range fa0/7-12

DCE_SW(config-if-range)# !int range fa0/6-12
DCE_SW(config-if-range)# int range fa0/13-18
DCE_SW(config-if-range)# !switchport access vlan 20
DCE_SW(config-if-range)# int range fa0/19-24
DCE_SW#
DCE_SW#
DASTE_SW
DASTE_SW> en
Password:
DASTE_SW# conf t
DASTE_SW(config)# vlan 10
DASTE_SW(config-vlan)# name STUDENTS
DASTE_SW(config-vlan)# vlan 20
DASTE_SW(config-vlan)# name FACULTY
DASTE_SW(config-vlan)# vlan 30
DASTE_SW(config-vlan)# name GUEST
DASTE_SW(config-vlan)# interface fa0/1
DASTE_SW(config-if)# switchport mode trunk
DASTE_SW(config-if)# switchport trunk allowed vlan 1,10,2,30
DASTE_SW(config-if)# !switchport trunk allowed vlan 1,10,20,30
DASTE_SW(config-if)# interface range fa0/2-24
DASTE_SW(config-if-range)# switchport mode access
DASTE_SW(config-if-range)# shutdown
%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to

administratively down



















DASTE_SW(config-if-range)#

changed state to down


changed state to down

down
DASTE_SW(config-if-range)# !interface range fa0/6-12

DASTE_SW(config-if-range)# !switchport access vlan 10
DASTE_SW(config-if-range)# interface range fa0/13-18
DASTE_SW(config-if-range)# switchport access vlan 20
DASTE_SW(config-if-range)# interface range fa0/19-24
DASTE_SW(config-if-range)# shutdown
DASTE_SW(config-if-range)# end
DASTE_SW#
DASTE_SW#
6. Copy the running configuration to the startup configuration.

DCE_SW
DCE_SW# copy run start
Destination filename [startup-config]?
[OK]
DCE_SW#
DASTE_SW
DASTE_SW# copy run start
Destination filename [startup-config]?
[OK]
DASTE_SW#


1.1. Can DCE-PC ping DCE-PC1? (yes/no) NO
PC> ping 192.168.10.3
Pinging 192.168.10.3 with 32 bytes of data:
Request timed out.

Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.10.3:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PC>
1.2. After verifying that DCE-PC was configured correctly, examine the
DCE_SW switch to find possible configuration errors by viewing a
summary of the VLAN information. Enter the show vlan brief
command.
DCE_SW> en
Password:
DCE_SW# show vlan brief
VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6
2 VLAN0002 active Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18
10 STUDENTS active Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12
20 FACULTY active
30 GUEST active Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
DCE_SW#
Are there any problems with the VLAN configuration?

There is nothing problem with the VLAN configuration.
1.3. Examine the switch for trunk configurations using the show interfaces
trunk and the show interfaces fa0/1 switchport commands.
DCE_SW
DCE_SW# show interfaces trunk
DCE_SW# show interfaces fa0/1 switchport

Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
DCE_SW#
DASTE_SW
DASTE_SW# show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk

Fa0/1 1-2,10,30
Port Vlans allowed and active in management domain

Fa0/1 1,10,30
Port Vlans in spanning tree forwarding state and not pruned

Fa0/1 1,10,30
DASTE_SW# show interfaces fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
DASTE_SW#
Are there any problems with the trunking configuration?

Yes there is problem with the trunking configuration.
1.4. Examine the running configuration of the switch to find possible

configuration errors. Are there any problems with the current
configuration?

Yes there is problem with the current configuration on the
DCE_SW because of the symbol (!) on the switchport mode trunk
command. That’s why the command show interfaces trunk is not
working. But on the DASTE_SW there no any problem on its
configuration.
1.5. Correct the errors found regarding Fa0/1 and VLAN 10 on

DCE_SW.
DCE_SW# conf t
DCE_SW(config)# interface fa0/1
DCE_SW(config-if)# switchport mode trunk
DCE_SW(config-if)# interface fa0/6
DCE_SW(config-if)#
changed state to up
DCE_SW#
DCE_SW#
1.6. Verify the commands had the desired effects by issuing the
appropriate show commands such as show interfaces trunk and
show vlan brief.
DCE_SW
DCE_SW> en
Password:
DCE_SW# show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk

Fa0/1 1-1005
Port Vlans allowed and active in management domain

Fa0/1 1,2,10,20,30
Port Vlans in spanning tree forwarding state and not pruned

Fa0/1 1,2,10,20,30

---- -------------------------------- --------- -------------------------------
2 VLAN0002 active Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18
Fa0/10, Fa0/11, Fa0/12
20 FACULTY active
30 GUEST active Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
DCE_SW#
Can DCE-PC ping DASTE_PC1?

No, because there are several ports on the DASTE_SW has been shut
down. That’s why DCE-PC can’t be ping on DASTE-PC1.
PC> ping 192.168.10.3
Request timed out.

Request timed out.
Request timed out.
Request timed out.


2.1. Using the previous commands, examine the DASTE_SW switch to
find possible configuration errors.

Yes, the FastEthernet0/11 is shut down.
2.2. Correct the errors found regarding interfaces and VLAN 10 on

DASTE_SW.
DASTE_SW> en
Password:
DASTE_SW# conf t
DASTE_SW(config)# interface range fa0/6-12
DASTE_SW(config-if-range)# interface fa0/11

changed state to up
DASTE_SW#
DASTE_SW#
Can DCE-PC ping DASTE-PC1? (yes/no) YES
PC> ping 192.168.10.3
Reply from 192.168.10.3: bytes=32 time=1ms TTL=128


Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

1. Assign DCE-PC to VLAN 20.

1.1. On DCE-PC, change the IP address to 192.168.20.2 /24 with a
default gateway of 192.168.20.1.
1.2. On DCE_SW, assign the port for DCE-PC to VLAN 20. Execute the
commands needed to complete the configuration.
DCE_SW> en
Password:
DCE_SW# conf t
DCE_SW(config)# int fa0/6
DCE_SW(config-if)# switchport mode access
DCE_SW#
DCE_SW#
1.3 Issue a show vlan brief to verify that the port for DCE-PC has been
assigned to VLAN 20
---- -------------------------------- ---------
-------------------------------
2 VLAN0002 active Fa0/13, Fa0/14, Fa0/15,
Fa0/16
Fa0/17, Fa0/18
Fa0/11, Fa0/12
20 FACULTY active Fa0/6
30 GUEST active Fa0/19, Fa0/20, Fa0/21,
Fa0/22
Fa0/23, Fa0/24
DCE_SW#

No, DASTE-PC2 can’t be ping on DCE-PC because the ports from
the DASTE_SW going to the DASTE-PC2 have been shutdown by the
command used.
PC> ping 192.168.20.3
Request timed out.

Request timed out.
Request timed out.
Request timed out.


2.1. Using the previous commands, examine the DCE_SW switch to find
Yes, there problems with the current configuration because from
the command used the port that are accessing the device are shutdown.
Also there VLAN 2 was named as FACULTY which must assigned to
VLAN 20.

DCE_SW> en
Password:
DCE_SW# conf t
DCE_SW(config)# no vlan 2
DCE_SW(config-vlan)# int range fa0/13-18
No, the DASTE-PC2 can’t ping on DCE-PC because from the
DASTE_SW the fa0/18 port is shutdown.
PC> ping 192.168.20.3
Request timed out.

Request timed out.
Request timed out.
Request timed out.


3.1. Using the previous commands, examine the DASTE_SW switch to
find possible configuration errors.
Yes, there is problem with the current configuration. The port
assigned on the DASTE_SW has been shutdown.

DASTE_SW# conf t

changed state to up
DASTE_SW(config-if)# exit
DASTE_SW(config-if)# switchport trunk allowed vlan remove 2
DASTE_SW(config-if)# switchport trunk allowed vlan add 20
DASTE_SW#

Yes, because the port fa0/18 from the DASTE_SW has been
enabled.
PC> ping 192.168.20.3


Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 11ms, Average = 3ms
4. Save your Packet Tracer file as NET201 Lab 2b – Group#
DATA ANALYSIS / OBSERVATIONS
Troubleshooting VLANs and VLAN trunks sometimes can be a frustrating or deal

even for the most expert network administrators. The entire concept of the VLAN is to
simplify the management of network devices so data flows are performed in an efficient
manner. Yet sometimes, a misconfiguration, oversight or architecture misstep can lead
to hours wasted troubleshooting. We cover at a few commands to help you quickly
identify and resolve problems when troubleshooting VLAN-related issues on your
network switch.
When devices are not communicating with each other while supposedly configured on
the same VLAN, the first command you should run on the switch is show vlan. you can
see on the right side of the command output, there is a column that lists all the switch
port numbers. When troubleshooting intra-VLAN problems, simply find the problematic
ports and verify that they are in the correct VLAN and also that the VLAN is in an "active"
state.
When a VLAN spans more than one switch, you can use a VLAN trunk to connect
VLANs together. Depending on how you have your trunk configured, it may share
information about all VLANs or only specific VLANs spanning the two switches. If you
have one or more VLANs that are configured on two switches connected by a trunk link,
yet the VLANs are not communicating for some reason, the first command you should
run is show interfaces trunk. The command output will show you all the configured trunk
links on the local switch. In addition, it will tell you the trunking mode, status of the trunk,
and what the native VLAN is configured for.
More importantly, you'll see three types of port status for troubleshooting VLANs that are
not communicating on the trunk: "Vlans allowed on trunk," "Vlans allowed and active in
management domain," and "Vlans in crossing tree forwarding state and not pruned." The
bottom line here is, if your VLAN is not showing up in all three of these lists, you either
have a VLAN that is not allowed on the trunk per the configuration command, the local-
switch trunk configuration, or the remote-switch trunk configuration.
Finally, if you are troubleshooting problems with Cisco phones, the problem may be that
they are not configured for the proper voice VLAN. Cisco phones have a unique feature
that essentially allows them to trunk two VLANs on a single port. One VLAN is for voice
traffic and the other is for PC traffic. The switch connects to the phone and another
Ethernet connection from the phone to the PC is used. Each desk or cube uses a single
cable, yet the phone and PC reside in separate VLANs.
In some situations, the voice VLAN may either not be configured on the port or is
configured for the incorrect voice VLAN. Not having the correct voice VLAN configured
on the problematic port can mean the difference between a working or non-working
phone. If the phone uses DHCP to receive an IP address, the voice VLAN requires a
special DHCP option configuration that points the phone to a TFTP server, where it can
download the necessary phone configuration file. This file is used to properly register the
phone to the Cisco Call Manager. It’s also possible that you have access controls or
firewall rules that only allow access from voice VLANs to Call Managers and voice mail
servers. To quickly verify the access and voice VLAN configured on a specific switch
port, simply use the show run interface command followed by the type and switch port
number. These are our observation from the experiment we work on in this lab
experiment.
QUESTIONS AND ANSWERS
Questions:
1. In Part 1 of your lab exercise, what is needed to allow hosts on VLAN

10 to communicate to hosts on VLAN 20?
2. What are the primary benefits that an organization can receive through
effective use of VLANs?
3. Why is a correctly configured trunk port critical in a multi-VLAN
environment?
4. Why would a network administrator limit traffic for specific VLANs on a
trunk port?
Answers:
1. To allow hosts on VLAN 10 to communicate to hosts VLAN 20. The network

topology and router output, it shows the exhibit of each network that needed in
each internet such as the ports of FastEthernet and GigaEthernet. The technician
is the one who troubleshooting host connectivity issues on the switches. The
hosts in VLANs 10 and 20 on SW_DCE are not communicating with hosts in the
same VLANs on SW_DASTE. The admin of the host in VLAN can communicate
by which is to the specific devices only. The port-to-VLAN assignments are
identical on the two switches.
2. According to Bredley Mitchell, Virtual Local Area Networks (VLANs) is
subnetwork that groups together a collection of devices from different physical
LANS. It improves the overall performance of traffic management in the network.
The primary benefits that an organization can be receive through effective use of
VLANs is user productivity and network adaptability it is important for VLANs
business growth and success, VLANs make it easier to design a network for the
goals of an organization. The benefits of using VLANs are security, cost
reduction, better performance, shrink broadcast domains, improved IT staff
effeciency and supplier project and application management.
3. Multi-VLAN environment is correctly configured trunk port critical port to trunks
ports allows transmission of multiple VLANs across one link. An incorrectly
configured can prevent VLANs from from communicating across switches. And
also through the use of Trunk enabled there should be no problem in all VLAN’s
that we assign. Trunk is one of solution to communicate different VLAN to one
another in switch but if the Trunk is disabled, VLAN’s can’t communicate to one
another.
4. Network administrator is the one responsible to secure and ensure fast
connections of every network and information. The network administrator limit
traffic for specific VLANs on a trunknport to prevent unwanted VLAN traffic from
travelling through that trunk port.
CONCLUSION
In this activity Configuring and troubleshooting VLAN and Trunking, we are task
to accomplish the given objectives. Doing this lab experiment is challenging but also fun
because we tend to discover things about types of networking. And for this activity we
create a network that will configure devices to connect to VLAN’s. The main use o
VLANs is to contain broadcasts. To move traffic between VLANs you need a Layer 3
device to route packets. Endways VLANs are used when devices always need to belong
to the same VLAN no matter where the device is located typically for security reasons.
Local VLANs are substantially based and are used to break up broadcast domains.
Local VLANs don't extend beyond a building's access and distribution layers. VLANs can
be associated to a switch interface either dynamically or statically. Dynamic VLANs use
a VMPS server to associate users to VLANs, but require a lot of upfront configuration.
However, a user can be plugged in to a switch port anywhere in the network and be
associated to the correct VLAN dynamically. Static VLANs are easier to configure, but
are more difficult to manage if users are continually moving around in the network.
To create a VLAN, use the vlan command. To associate an interface to a VLAN, use
the switchport mode access and switchport access vlan commands. The show
vlan command displays your configured VLANs. Trunks are used to add VLAN
information to frames as they are transported between switches and other devices.
These methods that we used are complex ones because we have to connect the
devices to the switch which are VLAN but following the procedures guide us to get the
correct output of the program. Generally, there are two ways to look at a trunk line. In
telephony, the term trunk refers to connections between offices or distribution facilities.
These connections represent an increased number of lines or time division multiplexed
connections.
VLANs are a basic tool for creating network boundaries. While they can create
challenges regarding the forwarding of traffic, they can be a powerful tool for handling
security and quality of service concerns. This chapter discussed the operation of VLANs
and the methods used for propagating VLANs throughout a larger topology. When
deploying VLANs and trunks, there are several design considerations to take into
account. One must address the basic questions. As topologies and the VLANs grow, so
does the complexity. It is important to review the default operation and configuration of
network elements in order to ensure that locally created configurations do not place the
network at risk. A physical network security measure was implemented in the form of an
electronic combination lock of which a circuit was finally built that had the ability to open
three different doors using a password and activate an alarm when the password is
inputted wrongly three times. The password can be changed when there is a breach of
security depending on the program written. This project can be used to improve network
security in general as implementing VLANs improves the network performance and
electronic combination lock provides physical security to the organization’s network such
as banks, hospitals, rooms or offices has any confidential information on their systems
especially the server room of the network topology.
These lab experiment was not quite easy for all of us because there are a lot of things
really hard to understand so we sometimes make mistakes and do it again from the
start. But as we go and do these experiment it gets easier somehow because were
repeating the process on and on till we arrived in the correct pattern.
REFERENCES
https://www.networkcomputing.com/network-security/vlan-troubleshooting-
commands
Bansal, R.K., V. Gupta and R. Malhotra, 2010. Performance analysis of wired
and wireless LAN using soft computing techniques-a review. Global J. Comput.
Sci. Technol., 10: 67-71.
Begg, L., W. Lui, K. Pawlikowski, S. Perera and H. Sirisena, 2006. Survey of
simulators of next generation networks for studying availability and resilience.
Technical Report TR-COCS 05/06, Department of Computer Science and
Software Engineering, Univeristy of Canterbury, Christchurch, New Zealand.
Bleikertz, S., 2010. Automated security analysis of infrastructure clouds. M.Sc.

Thesis, Technical University of Denmark, Denmark.
Cabuk, S., C.I. Dalton, H. Ramasamy and M. Schunter, 2007. Towards

automated provisioning of secure virtualized networks. Proceedings of the 14th
ACM Conference on Computer and Communications Security, October 29-
November 2, 2007, Alexandria, VA., USA., pp: 235-245.
Chen, S., J. Xu, R.K. Iyer and K. Whisnant, 2002. Evaluating the security threat
of firewall data corruption caused by instruction transient errors. Proceedings of
the International Conference on Dependable Systems and Network, June 23-26,
2002, Washington, DC., pp: 495-504.
Chen, X. and X. Chen, 2012. Study on layout strategy of transit hub network.
Proceedings of the International Conference on Industrial Control and Electronics
Engineering, August 23-25, 2012, Xi'an, China, pp: 258-261.
Decasper, D., Z. Dittia, G. Parulkar and B. Platter, 2000. Router plugins: A

software architecture for next-generation routers. IEEE ACM Trans. Network., 8:
2-15.X

Net201: Networking With Lab 2: Configuring and Troubleshooting Vlans and Trunking

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Net201: Networking With Lab 2: Configuring and Troubleshooting Vlans and Trunking

Uploaded by

Copyright:

Available Formats

NET201: Networking with Lab 2

Configuring and Troubleshooting VLANs and Trunking

Group No. : ____ Signature

Leader: LIWANAG, JAMES RYAN C. ___________________

Date Performed : 15 September 2019

MR. LEONARDO ANTIVO

After this laboratory, students should be able to:

1. build the network and configure basic device settings,

QUANTITY PART DESCRIPTION

Modern switches use virtual local-area networks (VLANs) to improve

PART 1 – Configuring VLANs and Trunking

Task 1. Build the Network and Configure Basic Device Settings.

Task 2. Create VLANs and Assign Switch Ports

What is the default VLAN? ___________

2. Assign VLANs to the correct switch interfaces.

2.2. Move the switch IP address VLAN 99 (MANAGEMENT VLAN).

4. Issue the show ip interface brief command.

What is the status of VLAN 99? Why?

Task 3. Maintain VLAN Port Assignments and the VLAN Database

3.3. In the global configuration mode, issue a no vlan 30 command to

Task 4. Configure an 802.1Q Trunk Between the Switches

If you answered no to any of the above questions, explain below.

2. Manually configure trunk interface Fa0/1.

Task 5. Delete the VLAN Database

PART 2 – Troubleshooting VLAN Configurations

Task 1. Build the Network and Configure Basic Device Settings

5.2. DASTE switch with error configuration:

6. Copy the running configuration to the startup configuration.

Task 2. Troubleshoot VLAN 10

Are there any problems with the trunking configuration?

Are there any problems with the current configuration?

Can DCE-PC ping DASTE_PC1?

2. Troubleshoot VLAN 10 on DASTE_SW.

Are there any problems with the current configuration?

2.2. Correct the errors found regarding interfaces and VLAN 10 on

Can DCE-PC ping DASTE-PC1? (yes/no) _____

Task 3. Troubleshoot VLAN 20

2. Troubleshoot VLAN 20 on DCE_SW.

Can DCE-PC ping DASTE-PC2? (yes/no) Why?

Can DCE-PC ping DASTE-PC2? (yes/no) Why?

Note: It may be necessary to disable the PC firewall to ping between PCs.

4. Save your Packet Tracer file as NET201 Lab 2b – Group#

NETWORK TOPOLOGY DIAGRAM

Figure 2.1. Switch environment network diagram for Part 1

Figure 2.2. Switch environment network diagram for Part 1

Table 2.1. Summary of network device interface IP addresses

Table 2.2. Summary of network device interface IP addresses

Table 2.3. Summary of Switch Port Assignment Specifications

Part 1 - Configuring VLANs and Trunking

Figure 2.1. Switch environment network diagram for Part 1

2. Initialize and reload the router and switch.

3.2. Execute the basic configuration on each switch such as:

b. Disable IP domain lookup,

d. Provide enable password (DCE_SW = “dce”, DBA_SW = “dba”)

e. Include message of the day banner (DCE_SW = “This is DCE

5.2. Can DBA-PC ping DCE-PC2? NO

5.4. Can DCE-PC1 ping DCE-PC2? NO

5.6. Can DCE-PC2 ping DCE_SW VLAN1? NO

Task 2. Configure Basic Device Settings and Verify Connectivity (CLI

1. Create VLANs on the switches.

1.5. Create the VLANs on DBA_SW.

What is the default VLAN? VLAN 1