Professional Documents
Culture Documents
ENCORE Part 1
Lab guide
Prepared by:
Eng. Ahmed Nabil
(DoN)
1
F0/13
F0/12
F0/14
F0/11
F0/13
F0/14
2
Switch Lab 1
Task 1: Basic Configuration
>enable
#show flash … !notice vlan.dat,config.text,IOS.bin files!
#configure terminal
(config)#hostname name
(config)#enable secret cisco
(config)#line vty 0 15
(config-line)#no login
! this command will make no need for login password while others
are logging by telnet to your switch (others will enter to your user
mode directly without asking for password!
! Configuring IP for management(creating management VLAN)!
(config)#interface vlan 1
(config-if)# ip address 10.0.0.x 255.0.0.0
(config-if)#no shutdown
3
Task 2: Troubleshooting the switch and network
#show version
! to display interface activity, speed, duplex !
#show interface status
#show mac-address-table
….CPU MAC is static switch MACs from factory
#show arp
…. Notice entry with Age (-) is the switch own MAC and IP
#show vlan
4
Task 3: Trunking and tagging:
(config)#interface fa0/x
(config-if)#switchport mode {access/trunk/dynamic
desirable/dynamic auto}
! try each mode and monitor changes using:
(config-if)#switchport trunk encapsulation {isl/dot1q}
! this command doesnot exist on new access switch, will not
applied on most switches in that lab !
! try to change native vlan to other vlan than 1, you can add the
following command !
(config-if)#switchport trunk native vlan #
!Observe the notification message appearing native vlan mismatch!
! add vlans from 1 till 20 in the trunk allowed vlan list !
(config-if)#switchport trunk allowed vlan {list |add list|remove
list|except list}
!try all options and monitor the changes using:
#show interface trunk
5
Lab 2: Task 4: VTP
#show vlan brief
#show vtp status
6
Task 5: VLAN database:
#show vlan
#show flash
7
Switch Lab 3
Task 1: Basic Configuration:
>enable
#show flash
#configure terminal
(config)#hostname name
(config)#line vty 0 15
(config-line)#no login
(config-line)#privilege level 15
! the above commands will allow telnet to your device with no
login password, and privilege level 15 means (any one that will
telnet can access directly to enable mode with full privileges) !
(config)#interface vlan 1
(config-if)# ip address 10.0.0.x 255.0.0.0
(config-if)#no shutdown
8
Task 2: Trunks, VTP & VLANs
(config)#vtp domain lab
(config)#vtp version 2
#show vtp status
! then create VLANs from 2 till 11, using:
(config)#vlan no.
Check using:
#show vtp status
#show vlan
#show interface trunk
9
Task 3: Trace the path to the root switch
Using:
#show spanning-tree
#show cdp neighbors
! also check your blocked ports !
11
Lab 6: Task 6: HSRP on router or MLS
(config)#interface {E-/-|F-/-}
(config-if)#standby # ip 10.0.0.100
Optional:
(config-if)#standby # priority #
(config-if)#standby # track interface serial # [decrement value]
#show standby brief
#show standby
#debug standby
12
Switch Lab 7
Task 1: Basic configuration
#show flash
(config)#hostname name
! enable authentication using AAA this time for console and VTY !
(config)#aaa new-model
(config)#aaa authentication login default local none
(config)#username lab password cisco
(config)#interface vlan 1
(config-if)#ip address 10.0.0.x 255.0.0.0
(config-if)#no shutdown
13
Task 2: Create data & voice VLANs
(config)#vtp domain lab
!create VLANs from 2 till 11,create VLAN 99 with name voice!
(config)#vlan 99
(config-vlan)#name voice
#show vtp status
#show vlan
14
Lab 8: Task 4 MST (Multiple STP)
! Step 1 Enable MST on the switch:
Switch(config)# spanning-tree mode mst
! Step 2 Enter the MST configuration mode:
Switch(config)# spanning-tree mst configuration
! Step 3 Assign a region configuration name (up to 32 characters):
Switch(config-mst)# name lab
! Step 4 Assign a region configuration revision number (0 to 65,535):
Switch(config-mst)# revision 5
! Step 5 Map VLANs to an MST instance:
Let instance 1: VLAN 1-5, instance 2: VLAN 6-10
Switch(config-mst)# instance <instance-id> vlan <vlan-list>
Switch(config-mst)#show pending
Switch(config-mst)#exit
15
Task 5: STP Optimization:
! making access port faster at startup!
(config-if)#spanning-tree portfast
! attach a PC & check leds & interfaces status, and how port will
jump to forward state immediately !
Protecting STP:
! protect the root switch !
(config-if)#spanning-tree guardroot
! try to attach a new switch to any unused port, then check the port
status using:
#show spanning-tree inconsistent