How To Configure VLANs On A Cisco Switch - The BHC Blog

3/4/2016 How
to configure VLANs on a Cisco Switch | The BHC Blog
The BHC Blog
"The Technical Blog of Blackhawk Consulting"
Home |
About Us |
Subscribe |
Register For Free |
SignIn
Recent Posts
Hyperv 2016
Fix for: Error 1935. An error has occured during the installation of assembly component
{9bae13a2e7afd6c3a01fc8b3b9a1e18e}. HRESULT: 0x800736B3
Blackberry Missing net_rim_crypto
Fix for: “An error caused a change in the current set of domain controllers.”
Fix for: LA Noire: The Launcher cannot query DirectX. Please update DirectX by installing the
latest redistribution.
Disable Windows 8 Interface
Howto: Enable debugview for RMS 1.0
How to add a server to an ADRMS cluster with no SCP
Some useful ADRMS blogs
Black Screen of Death Server 2008 with Exchange
Topics
Hardware
How To
IT Security
Linux
Microsoft RMS
Microsoft Windows
Misc
Uncategorized
Web Design / SEO
Archives
January 2016
September 2012
November 2011
October 2011
September 2011
August 2011
July 2011
http://www.bhcblog.com/howtocreatevlansonaciscoswitch/ 1/6
3/4/2016 How to configure VLANs on a Cisco Switch | The BHC Blog
June 2011
April 2011
March 2011
February 2011
January 2011
September 2010
July 2010
June 2010
May 2010
October 2009
August 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
Search
Enter Search Terms
Useful Information
About Us
Bookmark with Del.icio.us
Digg this site
Recent Articles
Coming Soon ...
HOWTO: Create VLANs on a Cisco Switch
If you do not wish to setup the switch yourself or are looking for expert help, consider hiring Blackhawk
Consulting to assist you with your switch and network needs.
VLANs are Virtual LANs. They allow you to logically divide up your switched network to improve
network speed, security, and reliability. If you have other Cisco equipment in your network, such as
Cisco wireless access points or Cisco PIX firewalls, setting up your switch correctly will give you a big
return as all the Cisco equipment is VLAN aware. What does this mean? it means you can have two
networks shared out via wireless using one access point. It also means you can separate out sections of
your network for servers, clients, VPN clients, etc.. which will greatly improve your network efficiency.
Before you begin defining VLANs on your network, first decide what the purpose is for each VLAN. For
example, lets say in we have two offices… One in New York, and One in California. At each location we
want to separate out Servers and clients. This means we have 4 categories:
1. NY_Servers 10.100.0.0 / 255.255.0.0
2. NY_Clients 10.150.0.0 / 255.255.0.0
3. CA_Servers 10.200.0.0 / 255.255.0.0
4. CA_Clients. 10.250.0.0 / 255.255.0.0
In our example, we will set up each VLAN with the above ip configuration. The ip configuration tells the
switch what network segments are where which will allow your switch to do routing between VLANs.
STEP 1: Login and Setup:
1. Login to enter Enable mode:
> en
Switch#
2. Enter Configure mode:
Switch# conf t
Switch (Config) #
3. Name each VLAN (The commands below name all 4 VLANs)
Switch (Config) # vlan 2
Switch (Configvlan) # name NY_Servers
Switch (Configvlan) # exit
Switch (Configvlan) # name NY_Clients
Switch (Configvlan) # name CA_Servers
Switch (Configvlan) # name CA_Clients
Switch (Config) # exit
Switch #
You have now successfully setup the 4 VLANs.. They’re not functional yet but lets make sure our
settings took…
1. We are going to run a command that will show us what VLANs are currently configured:
Switch # show VLAN
Your output should look something like this:
Fa0/18, Fa0/20, Fa0/21, Fa0/22
1 default active
Fa0/24, Gi0/1, Gi0/2
Fa0/1, Fa0/2, Fa0/3, Fa0/4
2 NY Servers active
Fa0/5, Fa0/6, Fa0/7, Fa0/8
3 NY Clients active Fa0/13, Fa0/14, Fa0/15, Fa0/16
4 CA_Servers active Fa0/17
5 CA_Clients active
….
If you see extra vlans you do not want simply follow the step below:
Switch # conf t
Switch (Config) # no vlan XX where XX is the vlan number you want to remove.
Switch (Config) # exit
Now run “show vlan” again and see if the vlan has been removed.
Step 2: Assign IP Address ranges to each VLAN
Now that we have the basic VLAN infrastructure in place we need to assign gateways for each VLAN.
The gateways will inform the switch what network segments each VLAN represents. In this case, we see
that NY uses 10.100.x.x and 10.150.x.x for their network and CA uses 10.200.x.x and 10.250.x.x. In
order to keep things simple, we will assume that the gateways are 10.x.x.1.
1. To assign networks to each VLAN:
Switch # conf t
Switch (config) # int vlan 2
Switch (configif) # ip address 10.100.0.1 255.255.0.0
Switch (configif) # exit
Switch (config) # exit
Switch #
We now have now told the switch what address range is used in each VLAN. At this point we have not
created the VLANs and assigned address ranges to them. There are still three tasks left:
1. Assign ports to VLANs
2. enable IP Routing (if it is off)
3. and test.
Step 3: Assign ports to VLANs.
The next step is to assign the physical ports on your switch to specific VLANs. In our example we will
only assign the first 4 ports on the device; one to each VLAN.
Switch # Conf t
Switch (config) # int Fe 0/1
Switch (configif) # switchport access vlan 2
Switch (configif) # switchport mode access
Switch #
The result of the above commands is that each physical port on the switch has now been assigned to a
specific VLAN. To verify this run “show vlan” and you will now see that ports 14 are now assigned to
vlans 25.
The final step is to ensure VLAN routing is turned on. To do this run the commands below:
Switch # conf t
Switch (config) # ip routing
Switch #
Theoretically now, assuming you have hit no problems and got no errors when entering commands, you
are finished.
It is very very important to save your changes now or they will be lost on reboot:
Switch # copy run start
Switch #
Step 5: Testing
To test, simply plug a computer into each port, assign a valid ip on the subnet (ie if the subnet/vlan is
10.100.0.0 255.255.0.0 .. your pc would need to be 10.100.x.x / 255.255.0.0.)
First test: See if you can ping your client from the switch using the ping command. You can run
ping directly from the Cisco interface.
Second test: See if you can ping the gateway from the client.. (ie client 10.100.x.x would ping
10.100.0.1)
Third test: See if you can ping a gateway on another segment.. (ie Client 10.100.x.x would ping
10.200.x.1)
Fourth test: See if you can ping a client on another segment.. (ie client on 10.100.x.x would ping a
client on 10.200.x.x)
If this works you are now finished. You now have successfully setup a basic Cisco Layer 3 Switch with
VLANs and network routing. Be aware that this is just the very beginning of what your cisco device is
capable of.. The advanced features using ACL’s on the equipment can allow you to prevent traffic from
one VLAN accessing another, can allow your firewall / VPN to assign VPN clients to a specific VLAN,
can allow your Wireless access point to assign wireless clients to a specific VLAN, etc. etc. If you let me
know of specific problems you have had or topics you would like more detail on, please just send a
comment.
If you do not wish to setup the switch yourself or are looking for expert help, consider hiring Blackhawk
Consulting to assist you with your switch and network needs.
_______________________________________
PLEASE HELP BY BOOKMARKING OUR SITE...

Visit Blackhawk Consulting IT Consulting at affordable rates

How To Configure VLANs On A Cisco Switch - The BHC Blog

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

How To Configure VLANs On A Cisco Switch - The BHC Blog

Uploaded by

Copyright:

Available Formats

3/4/2016 How

You might also like