Configure Cisco Switch/Router with VLANs

Purpose:

In this lab, we'll learn how to configure a Cisco SG300 switch/router to do layer-2 vlan switching between multiple Ethernet interfaces.

Procedure:

Setup:

You will work together in groups of 3.

0. Boot your 3 machines into Linux. Unplug 2 of the machines from all networks.

1. Get a Cisco SG300 switch/router and serial-to-USB cable from your benevolent professor. Connect the switch/router to a USB port on the one machine still connected to the orange network. Plug in the router now so that it starts booting.

2. Download and install putty on the same machine. (Use apt-get. If you don't remember how to do this, look back at a previous lab to see how.)

*** Q1: What is the command to get putty onto your computer? ***

3. Configure putty to be able to communicate with the router over the USB port (/dev/ttyUSB0).

run sudo putty
Click on Serial for the Connection Type:
Set the serial line to /dev/ttyUSB0
Click on Keyboard, then set backspace key to Control-H.
Click on Session. Click on Default Settings. Click Save.
Click Open.

4. Login

Hit Enter a few times. You should eventually see: (Your responses are in bold.)

User Name: ciscoPassword: cisco

Please change your password from the default settings. Please change the password for better protection of your network. Do you want to change the password (Y/N)[Y] ? N

switch4968b6#

5. Set some initial configuration options

switch4968b6# config terminal (set the device to receive configuration commands from the terminal)switch4968b6(config)# hostname is333-1 (or, better, choose your own name here)is333-1# end is333-1#show running-config<lots of output here>

*** Q2. What mode is the switch in? What version of software is running? ***

6. Let's create a new VLAN to do switching on

is333-1# config t is333-1(config)# vlan database is333-1(config-vlan)# vlan 10 is333-1(config-vlan)# int vlan 10 is333-1(config-if)# name red (or pick your own name here) is333-1(config-vlan)# end is333-1# show run

7. Now, we can add physical ports/interfaces to the VLAN

First, plug your other two computers into the switch/router in ports 1 and 2. Make sure you see the green carrier LEDs flash periodically. Then, do the following:

is333-1# config t is333-1(config)# int Gi1(short for GigabitEthernet 1)is333-1(config-if)# switchport mode access is333-1(config-if)# switchport access vlan 10 is333-1(config-if)# end is333-1# show vlan

Repeat step 7. for port Gi2. Then, do the following to save the current configuration to flash so that it is used after a reboot.

is333-1# copy running-config startup-config

8. Configuring IP addresses on the other machines

We don't have a DHCP server running anywhere, so we'll have to configure IP addresses on these machines "statically".

From the top launch bar, click on the Networking icon and do Edit.
Select Wired Connection 1, and click Edit...
Select IPv4 Settings tab. Change the Method: to Manual.
Click +Add
Enter 192.168.10.10, <tab>, 192.168.10.1.
Click Save...
In a terminal window, run ip addr and confirm that the machine has the IP address configured.
Repeat on the other machine (using a different IP address, on the 192.168.10 network).
Run ping between the machines to see if you can communicate.

9. Monitor the behavior

On the switch/router, run this command:

show mac address-table

*** Q3. What does it tell you? ***

Unplug one of the machines.
*** Q4. What output do you see printed on the console? ***
Run show mac address-table again.
*** Q5. What changed? ***
Run show spanning-tree
*** Q6. Describe some of the interesting information you see. ***

10. Access the switch from a browser

In order to access the web interface on the switch, we have to give the switch itself an IP address, and then we have to get onto that same network from another computer.

On the switch, do these commands:

is333-1# config t is333-1(config)# int vlan 1 (we are configuring the management vlan, vlan 1)is333-1(config-if)# ip address 192.168.1.1 /24 is333-1# end

*** Q7. Describe what the above commands did. ***

Now, on the Linux machine that you've been using to type commands into the switch/router console:

Remove the machine from the orange network.
Connect the machine via ethernet to the switch.
Configure the machine's ethernet interface to use a manual IP address, which you set to 192.168.1.2, with the gateway being 192.168.1.1.

Open a browser on the Linux box and go to 192.168.1.1. Use cisco for the username, and cisco for the password.

Now, poke around a bit on the web interface. Look at statistics for the interfaces, vlan information, etc.

*** Q8. Describe how you can view the system log and describe what you see in that log. ***

*** Q9. Describe how you can change one of the ports being used (port 1 or 2) to be "Administratively Down". ***

11. Clean up and submit your answers via moodle.

via the console window, reset the switch/router back to default factory mode:
delete startup-config
reload

Clean up your ethernet cables nicely and put them away.

On each machine change the interfaces back to using DHCP (Automatic) from Manual IP address configuration. Plug the machines back in to the orange network and confirm that they get 153.106.x.y IP addresses.