Cisco Switch Configuration for VLANs and Inter-VLAN Routing

Posted on May 7, 2024 in Language

SWITCH 2 (beta)

User Accounts and Passwords

enable secret 5 cisco
username user1 privilege 15 password 7 
username user2 privilege 15 password 7

VLAN 30 Access Ports (Port Security Enabled)

PC1

interface FastEthernet0/1
switchport mode access
switchport access vlan 30
switchport port-security
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security violation protect
switchport port-security mac-address sticky 0090.2B3B.4E83

Server DNS

interface FastEthernet0/2
switchport mode access
switchport access vlan 30
switchport port-security
switchport port-security maximum 4
switchport port-security violation protect
switchport port-security mac-address 0001.4391.3569

Other VLAN 30 Ports

interface range FastEthernet0/3-7
switchport mode access
switchport access vlan 30
switchport port-security
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security violation protect

VLAN 40 Access Ports (Port Security Enabled)

Server TFTP

interface FastEthernet0/8
switchport mode access
switchport access vlan 40
switchport port-security
switchport port-security maximum 3
switchport port-security violation restrict
switchport port-security mac-address 0001.C745.9B26

PC2

interface FastEthernet0/9
switchport mode access
switchport access vlan 40
switchport port-security
switchport port-security maximum 3
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 000A.F389.3D96

Other VLAN 40 Ports

interface FastEthernet0/10-18
switchport mode access
switchport access vlan 40
switchport port-security
switchport port-security maximum 3
switchport port-security mac-address sticky
switchport port-security violation restrict

Trunk Ports

Interface Afuera

interface FastEthernet0/21
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 30,40,99

Interface Cruzada

interface FastEthernet0/22
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 30,40,99

Interface Adentro

interface FastEthernet0/23
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 30,40,99
spanning-tree vlan 30,40 port-priority 16

Interface de Arriba

interface FastEthernet0/24
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 10,20,30,40,99

System Configuration

no cdp run
banner motd ^Cacceso restringido^C

Console and VTY Lines

line con 0
password 7 0822455D0A16
login

line vty 0 4
password 7 Cisco
login local
line vty 5 15
password 7 cisco
login local

SWITCH 1 (alpha)

User Accounts and Passwords

enable secret 5 cisco
username user1 privilege 15 password 7 08651D0A043C370556031451381D307F21050C1C344214105461
username user2 privilege 15 password 7 08651D0A043C370556031451381D307F21050C1C344214105461

VLAN 10 Access Ports (Port Security Enabled)

PC1

interface FastEthernet0/1
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security violation protect
switchport port-security mac-address sticky 0001.C7EB.8C36

Server DNS

interface FastEthernet0/2
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 4
switchport port-security violation protect
switchport port-security mac-address 0002.4A33.39EB

Other VLAN 10 Ports

interface FastEthernet0/3-10
switchport mode access
switchport access vlan 10
switchport port-security
switchport port-security maximum 4
switchport port-security mac-address sticky
switchport port-security violation protect

VLAN 20 Access Ports (Port Security Enabled)

PC2

interface FastEthernet0/11
switchport mode access
switchport access vlan 20
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security mac-address sticky 000A.F383.CA30

Other VLAN 20 Ports

interface FastEthernet0/12-17
switchport mode access
switchport access vlan 20
switchport port-security
switchport port-security maximum 2
switchport port-security mac-address sticky

Trunk Ports

Interface Adentro

interface FastEthernet0/21
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 10,20,99
spanning-tree vlan 10,20 port-priority 16

Interface Cruzada

interface FastEthernet0/22
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 10,20,99

Interface Afuera

interface FastEthernet0/23
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 10,20,99

Interface Arriba

interface FastEthernet0/24
switchport mode trunk
switchport trunk native vlan 99
switchport trunk allowed vlan 10,20,30,40,99

System Configuration

banner motd ^Cacceso restringido^C

Console and VTY Lines

line con 0
password 7 cisco
login

line vty 0 4
password 7 cisco
login local

line vty 5 15
password 7 cisco
login local

Switch Capa 3 “A” (sol)

User Accounts and Passwords

enable secret 5 cisco
username user1 privilege 15 secret 5 cisco

Routing and SSH Configuration

ip routing
ip ssh version 2
ip domain-name cisco.cl

Spanning Tree Configuration

spanning-tree vlan 10,20 priority 24576

Interface Configuration

FastEthernet0/2

interface FastEthernet0/2
spanning-tree vlan 10 port-priority 16

INTERFACE CRUZADA

interface FastEthernet0/22
switchport trunk encapsulation dot1q

INTERFACE ABAJO

interface FastEthernet0/23
no switchport
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto

iNTERFACE AFUERA

interface FastEthernet0/24
switchport trunk encapsulation dot1q

VLAN Interfaces

interface Vlan10
ip address 172.16.10.1 255.255.255.0

interface Vlan20
ip address 172.16.20.1 255.255.255.0

Routing

ip classless
ip route 172.16.30.0 255.255.255.0 10.0.0.2
ip route 172.16.40.0 255.255.255.0 10.0.0.2

System Configuration

banner motd ^Cacceso denegado^C

Console and VTY Lines

line con 0
password 7 cisco
login

line vty 0 4
password 7 cisco
login local
transport input ssh

line vty 5 15
password 7 cisco
login local
transport input ssh

Switch Capa 3 B (luna)

User Accounts and Passwords

enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
username user1 privilege 15 secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0

Routing and SSH Configuration

ip routing
ip ssh version 2
ip domain-name ccna3.cl

Spanning Tree Configuration

spanning-tree vlan 30,40 priority 24576

Interface Configuration

INTERFACE CRUZADA

interface FastEthernet0/22
switchport trunk encapsulation dot1q

INTERFACE ABAJO

interface FastEthernet0/23
no switchport
ip address 10.0.0.2 255.255.255.0
duplex auto
speed auto

INTERFACE INTERIOR

interface FastEthernet0/24
switchport trunk encapsulation dot1q

VLAN Interfaces

interface Vlan30
ip address 172.16.30.1 255.255.255.0

interface Vlan40
ip address 172.16.40.1 255.255.255.0

Routing

ip classless
ip route 172.16.20.0 255.255.255.0 10.0.0.1
ip route 172.16.10.0 255.255.255.0 10.0.0.1

System Configuration

banner motd ^Cacceso denegado^C

Console and VTY Lines

line con 0
password 7 cisco
login

line vty 0 4
password 7 cisco
login local
transport input ssh
line vty 5 15
password 7 cisco
login local
transport input ssh