Connections: Mls To Sw1

Switching, Routing, and Wireless (SRWE) – Semester 1
Week 9 workshop – Revision / Mock Test
Connections
MLS to SW1
• MLS Gig0/1 connects to SW1 Gig0/1
MLS to SW1
• MLS Gig0/2 connects to SW2 Gig0/2
SW1 to SW2
• SW1 Gig0/2 connects to SW2 Gig0/1
SW2 to SW3
• SW2 Fa0/22 connects to SW3 Fa0/22
MLS to End Devices

• MLS Fa0/1 connects to VLAN 11 PC1
• MLS Fa0/2 connects to VLAN 12 PC1
SW1 to End Devices

• SW1 Fa0/1 connects to VLAN 11 PC2
SW2 to End Devices

SW3 to End Devices

IP Addressing Table
DEFAULT
DEVICE INTERFACE IP ADDRESS SUBNET MASK
GATEWAY
MLS VLAN 11 192.168.11.1 255.255.255.0 N/A
MLS VLAN 12 192.168.12.1 255.255.255.0 N/A
VLAN 11 PC1 Fa0 192.168.11.2 255.255.255.0 192.168.11.1
VLAN 11 PC2 Fa0 192.168.11.3 255.255.255.0 192.168.11.1
VLAN 11 PC3 Fa0 192.168.11.4 255.255.255.0 192.168.11.1
VLAN 11 PC4 Fa0 192.168.11.5 255.255.255.0 192.168.11.1
VLAN 12 PC1 Fa0 192.168.12.2 255.255.255.0 192.168.12.1
VLAN 12 PC2 Fa0 192.168.12.3 255.255.255.0 192.168.12.1
VLAN 12 PC3 Fa0 192.168.12.3 255.255.255.0 192.168.12.1
VLAN 13 PC1 Fa0 192.168.13.1 255.255.255.0 N/A
Configure the Switches using the PCs connected to them using the console
cable.
a) Basic Device Configuration (CONFIGURE ON ALL THE SWITCHES)
1. Configure the hostname for the switches according to their display name.
Switch (config) #hostname MLS / SW1 / SW2 / SW3
2. Set the line console password for the switches as ‘class’.
MLS (config) #line con 0

MLS (config-line) #password class
MLS (config-line) #login
MLS (config-line) #exit
SW1 (config) #line con 0

SW1 (config-line) #password class
SW1 (config-line) #login
SW1 (config-line) #exit


3. Configure the exec mode secret for the switches as ‘cisco’.
MLS (config) #enable secret cisco
SW1 (config) #enable secret cisco
4. Configure the message of the day banner for the switches as ‘Authorized
Access Only.’
MLS (config) #banner motd -Authorized Access Only.-
SW1 (config) #banner motd -Authorized Access Only.-

5. Encrypt all the user passwords.
MLS (config) #service password-encryption
SW1 (config) #service password-encryption
b) Secure Shell (SSH) Configuration (CONFIGURE ONLY ON THE MLS)
VARIABLES VALUES
DNS Domain Name cisco.com
Crypto Key RSA
Modulus 1024 bits
Version 2
Time-out 30 Seconds
Authentication-retries 3
Username admin
Secret sshpass
MLS (config) #ip domain-name cisco.com

MLS (config) #crypto key generate rsa
How many bits in the modulus [512]: 1024
MLS (config) #ip ssh version 2
MLS (config) #ip ssh time-out 60
MLS (config) #ip ssh authentication-retries 3
MLS (config) #username admin secret sshpass
MLS (config) #line vty 0 4

MLS (config-line) #transport input ssh
MLS (config-line) #login local
MLS (config-line) #exit
c) Configure LACP unconditionally (EtherChannel) between the SW2 and SW3

using port channel 5.
SW2 (config) #int port-channel 5

SW2 (config-if) #exit
SW2 (config) #int range fa0/22-24

SW2 (config-if-range) #channel-group 5 mode active
SW2 (config-if-range) #exit


SW3 (config-if-range) #channel-group 5 mode active
d) Configure VTP between the switches using the following variables.
VARIABLES VALUES
Version 2
Domain ccna
Password ccnaswitching
Mode AS LISTED BELOW
DEVICE MODE
MLS Server
SW1 Client
SW2 Transparent
SW3 Client
MLS (config) #vtp version 2

MLS (config) #vtp domain ccna
MLS (config) #vtp password ccnaswitching
MLS (config) #vtp mode server
SW1 (config) #vtp version 2

SW1 (config) #vtp domain ccna
SW1 (config) #vtp password ccnaswitching
SW1 (config) #vtp mode client

SW2 (config) #vtp mode transparent

SW3 (config) #vtp mode client
e) Create the following VLANs on the Server Switch (MLS)
VLAN ID VLAN NAME

11 Accounts
12 Resources
99 Management
MLS (config) #vlan 11
MLS (config-vlan) #name Accounts
MLS (config-vlan) #vlan 12
MLS (config-vlan) #name Resources
MLS (config-vlan) #vlan 99
MLS (config-vlan) #name Management
MLS (config-vlan) #exit
f) Set the following trunk configurations throughout the Gigabit (Gig) interfaces
in the MLS, SW1, and SW2 and the EtherChannel configured previously.
VARIABLES VALUES
Encapsulation (Only where Appropriate) dot1q
Allowed VLAN 11, 12, 99
Native VLAN 99
MLS (config) #int range g0/1-2

MLS (config-if-range) #switchport trunk encapsulation dot1q
MLS (config-if-range) #switchport trunk allowed vlan 11,12,99
MLS (config-if-range) #switchport trunk native vlan 99
MLS (config-if-range) #exit
SW1 (config) #int range g0/1-2

SW1 (config-if-range) #switchport trunk allowed vlan 11,12,99
SW1 (config-if-range) #switchport trunk native vlan 99
SW2 (config) #int range g0/1-2


g) Create the following VLANs on the Transparent Switch (SW2)
VLAN ID VLAN NAME

11 Accounts
13 HR
99 Management
SW2 (config) #vlan 11

SW2 (config-vlan) #name Accounts
SW2 (config-vlan) #vlan 13
SW2 (config-vlan) #name HR
SW2 (config-vlan) #vlan 99
SW2 (config-vlan) #name Management
SW2 (config-vlan) #exit
h) Configure all the interfaces of all the switches connected to the end devices
to work in access mode and in accordance to the appropriate VLANs.
MLS (config) #int fa0/1

MLS (config-if) #switchport mode access
MLS (config-if) #switchport access vlan 11
MLS (config-if) #int fa0/2
MLS (config-if) #switchport mode access
MLS (config-if) #switchport access vlan 12
MLS (config-if) #exit
SW1 (config) #int fa0/1

SW1 (config-if) #switchport mode access
SW1 (config-if) #switchport access vlan 11
SW1 (config-if) #int fa0/2


i) Configure port security on all the access ports of all the switches using the
following variables
VARIABLES VALUES
Aging Time 600 Minutes
Maximum Allowed MAC Address 5
MAC Address Learning Method Sticky
Violation Mode Restrict
MLS (config) #int range fa0/1-2

MLS (config-if-range) #switchport port-security
MLS (config-if-range) #switchport port-security aging time 600
MLS (config-if-range) #switchport port-security max 5
MLS (config-if-range) #switchport port-security mac-address sticky
MLS (config-if-range) #switchport port-security violation restrict

SW1 (config-if-range) #switchport port-security
SW1 (config-if-range) #switchport port-security aging time 600
SW1 (config-if-range) #switchport port-security max 5
SW1 (config-if-range) #switchport port-security mac-address sticky
SW1 (config-if-range) #switchport port-security violation restrict

j) Configure the MLS for Inter-VLAN routing of VLANs 11 and 12 using the IP
Addresses from the Addressing Scheme provided at the beginning of the
paper.
MLS (config) #ip routing

MLS (config) #int vlan 11
MLS (config-if) #ip address 192.168.11.1 255.255.255.0
MLS (config-if) #int vlan 12
MLS (config-if) #ip address 192.168.12.1 255.255.255.0
MLS (config-if) #exit
k) Configure STP according to the following table.
NOTE: - WHILE CREATING THE PRIMARY ROOT BRIDGE USE PRIORITY 8192
and WHILE CREATING THE SECONDARY ROOT BRIDGE USE THE ‘root’
COMMAND METHOD.
VLAN ID PRIMARY ROOT BRIDGE SECONDARY ROOT BRIDGE

11 MLS SW1
12 SW1 MLS
MLS (config) #spanning-tree vlan 11 priority 8192

MLS (config) #spanning-tree vlan 12 root secondary
SW1 (config) #spanning-tree vlan 12 priority 8192
SW1 (config) #spanning-tree vlan 11 root secondary
l) Enable portfast and BPDU guard on all the access ports of all the switches.
MLS (config) #int range fa0/1-2

MLS (config-if-range) #spanning-tree portfast
MLS (config-if-range) #spanning-tree bpduguard enable

SW1 (config-if-range) #spanning-tree portfast
SW1 (config-if-range) #spanning-tree bpduguard enable


m) Assign IP addresses to the PCs referring to the IP addressing table provided

at the beginning of the paper.
End of Paper!!
Regards
Cisco SRWE, Subekshya Pradhan.

Connections: Mls To Sw1

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Connections: Mls To Sw1

Uploaded by

Copyright:

Available Formats

Switching, Routing, and Wireless (SRWE) – Semester 1

Week 9 workshop – Revision / Mock Test

MLS to End Devices

SW1 to End Devices

SW2 to End Devices

SW3 to End Devices

a) Basic Device Configuration (CONFIGURE ON ALL THE SWITCHES)

2. Set the line console password for the switches as ‘class’.

MLS (config) #line con 0

SW1 (config) #line con 0

SW2 (config) #line con 0

SW3 (config) #line con 0

3. Configure the exec mode secret for the switches as ‘cisco’.

MLS (config) #enable secret cisco

SW1 (config) #enable secret cisco

SW2 (config) #enable secret cisco

SW3 (config) #enable secret cisco

MLS (config) #banner motd -Authorized Access Only.-

SW1 (config) #banner motd -Authorized Access Only.-

SW2 (config) #banner motd -Authorized Access Only.-

5. Encrypt all the user passwords.

MLS (config) #service password-encryption

SW1 (config) #service password-encryption

SW2 (config) #service password-encryption

SW3 (config) #service password-encryption

b) Secure Shell (SSH) Configuration (CONFIGURE ONLY ON THE MLS)

MLS (config) #ip domain-name cisco.com

MLS (config) #line vty 0 4

c) Configure LACP unconditionally (EtherChannel) between the SW2 and SW3

SW2 (config) #int port-channel 5

SW2 (config) #int range fa0/22-24

SW3 (config) #int port-channel 5

SW3 (config) #int range fa0/22-24

d) Configure VTP between the switches using the following variables.

MLS (config) #vtp version 2

SW1 (config) #vtp version 2

SW2 (config) #vtp version 2

SW3 (config) #vtp version 2

e) Create the following VLANs on the Server Switch (MLS)

VLAN ID VLAN NAME

MLS (config) #int range g0/1-2

SW1 (config) #int range g0/1-2

SW2 (config) #int range g0/1-2

SW3 (config) #int port-channel 5

g) Create the following VLANs on the Transparent Switch (SW2)

VLAN ID VLAN NAME

SW2 (config) #vlan 11

MLS (config) #int fa0/1

SW1 (config) #int fa0/1

SW2 (config) #int fa0/1

SW3 (config) #int fa0/1

MLS (config) #int range fa0/1-2

SW1 (config) #int range fa0/1-2

SW2 (config) #int range fa0/1-2

MLS (config) #ip routing

k) Configure STP according to the following table.

VLAN ID PRIMARY ROOT BRIDGE SECONDARY ROOT BRIDGE

MLS (config) #spanning-tree vlan 11 priority 8192

MLS (config) #int range fa0/1-2

SW1 (config) #int range fa0/1-2

SW2 (config) #int range fa0/1-2

SW3 (config) #int range fa0/1-2