How to setup VLAN on a cisco switch

Here today in this tutorial we will learn how to setup and configure VLAN on cisco switches.We will learn how to create VLANs and Ports.We will also learn how to Remove VLANs and ports. Troubleshooting tips related to VLANs.How to assign vlan membership and we also learn how to convert connection link to trunk.But before configuring VLAN,I will love to inform you that you don’t need to configure VLAN untill or unless your network get so large and have so much traffic.I have seen so many people configuring and using VLAN only because the network they are working on was already using them.

Note:by default all the devices coonected with a switch are in VLAN 1.

So you dont need to do anything to use switch for your connectivity, you just have to connect your devices with switch ports and you are in network.

A VLAN is a broadcast domain formed by switches.

VLAN’s provide better performance for medium and large LAN’s.

A trunk port is a special port that runs ISL or 802.1q so that it can carry traffic from more than one VLAN.

After vlan successful configuration devices in same vlan can only communicate with each other.

Now see below how to create VLAN on SWITCH?

first we need to create new VLANs.
Then we need to put each port in the proper VLAN.

Create VLANs on SWITCH 1:
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 50
Switch(config-vlan)#name HR
Switch(config-vlan)#exit
Switch(config)#vlan 60
Switch(config-vlan)#name ADMIN
Switch(config-vlan)#exit
Switch(config)#exit

Verify whether VLAN has been create or not using show vlan command.

Switch#show vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
50 HR active
60 ADMIN active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

Hence in above output you can clearly see that two VLANs VLAN50 and VLAN60 has been created.
Now assign VLAN Membership

As we all know VLAN can be assigned statically or dynamically. Keeping CCNA exam in mind i have used static method to assign vlan membership because CCNA certification exam only includes static method to assign VLAN membership.

Now understand the code pattern:
switchport access vlan [vlan number] command is used to assign VLAN to the interface.

Below commands will assign VLANs to the interfaces of SWITCH 1:

Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50
Switch(config-if)#exit
Switch(config)#int fa0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50
Switch(config-if)#exit
Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 60
Switch(config-if)#exit
Switch(config)#int fa0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 60
Switch(config-if)#exit
Switch(config)#exit

Again verify whether proper port is assigned with proper vlan or not.
Switch#show vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
50 HR active Fa0/3, Fa0/4
60 ADMIN active Fa0/1, Fa0/2

HOW TO CHANGE CONNECTION LINK IN TO TRUNK?
As we know by default all interface on switch starts as access link.
We use switchport mode trunk command to change connection link in trunk.
Go to interface mode and run below command to change all required interfaces connection link in trunk.

Switch#config t

Switch(config)#int fa0/5
Switch(config-if)#switchport trunk allowed vlan all
Switch(config-if)#switchport mode trunk

Switch(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up
You can see or check PORT STATUS.

First Check port status of port 0/5 on which we create trunk line.

Switch#show port interface FastEthernet 0/5
Port Security : Disabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Check Port Status of 0/3

Switch#show port interface FastEthernet 0/3
Port Security : Disabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Check port status of port 0/1

Switch#show port interface FastEthernet 0/1
Port Security : Disabled
Port Status : Secure-down
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 0
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : 0000.0000.0000:0
Security Violation Count : 0
Switch#
Create VLANs on SWITCH 2:
Now we are going to create VLAN on SWITCH 2 and assign name to each VLAN.

Switch>enable
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 60
Switch(config-vlan)#name ADMIN
Switch(config-vlan)#exit
Switch(config)#vlan 50
Switch(config-vlan)#name HR
Switch(config-vlan)#exit
Switch(config)#exit
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Switch#show vlan

ASSIGN VLAN MEMBERSHIP ON SWITCH 2:
Below commands will assign VLANs to the interfaces of SWITCH 2:
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 60
Switch(config-if)#exit
Switch(config)#int fa0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 60
Switch(config-if)#exit
Switch(config)#int fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50
Switch(config-if)#exit
Switch(config)#int fa0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50
Switch(config-if)#exit
Switch(config)#exit

Switch#show vlan

NOW CHANGE CONNECTION LINK IN TO TRUNK ON SWITCH 2:

Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#int fa0/5
Switch(config-if)#switchport trunk allowed vlan all
Switch(config-if)#switchport mode trunk

VLAN Troubleshooting command.

show vlan command is used in order to confirm that VLAN has been created.
Switch#show vlan

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24
50 HR active Fa0/3, Fa0/4
60 ADMIN active Fa0/1, Fa0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
—- —– ———- —– —— —— ——– —- ——– —— ——
1 enet 100001 1500 – – – – – 0 0
50 enet 100050 1500 – – – – – 0 0
60 enet 100060 1500 – – – – – 0 0
1002 fddi 101002 1500 – – – – – 0 0
1003 tr 101003 1500 – – – – – 0 0
1004 fdnet 101004 1500 – – – ieee – 0 0
1005 trnet 101005 1500 – – – ibm – 0 0

Remote SPAN VLANs
——————————————————————————
Primary Secondary Type Ports
——- ——— —————– ——————————————
Command helps us to see vlan more deeply.
Switch#show vlan ?
brief VTP all VLAN status in brief
id VTP VLAN status by VLAN id
name VTP VLAN status by VLAN name
<cr>
How to see brief information about VLANs.
Switch#show vlan brief

VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24
50 HR active Fa0/3, Fa0/4
60 ADMIN active Fa0/1, Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
How to see VLAN information if you know VLAN id.
below command will show the information of vlan 50 only.

Switch#show vlan id 50

VLAN Name Status Ports
—- ——————————– ——— ——————————-
50 HR active Fa0/3, Fa0/4

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
—- —– ———- —– —— —— ——– —- ——– —— ——
50 enet 100050 1500 – – – – – 0 0
How to see VLAN information if you know VLAN NAME.

Switch#show vlan name ADMIN

VLAN Name Status Ports
—- ——————————– ——— ——————————-
60 ADMIN active Fa0/1, Fa0/2

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
—- —– ———- —– —— —— ——– —- ——– —— ——
60 enet 100060 1500 – – – – – 0 0
How to enters in to VLAN Database mode?

Switch#vlan database
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.
Switch(vlan)#
Verify the configuration on any particular interface.

Switch#show interfaces fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 60 (ADMIN)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
Verify interface 0/5 on which trunk line has been created.

Switch#show interfaces fa0/5 switchport
Name: Fa0/5
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none

How to remove a VLAN from switch?

here in belwo command i am going to remove vlan 50.

Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#no vlan 50

Now verify whether vlan 50 has been removed or not.
Switch#show vlan brief

When and why we need to configure VLANs?

To make a single switch in to multiple virtual switches.
When we are feeling a lot of broadcast traffic on our vlan.

Note:For devices in different VLAN’s to communicate, you must use a router or Layer 3 switch.

Comments

mohammed abduselam says:

30 Jan 2020 at 2:14 pm

your website is best so add more new

LikeLike

Reply
- satish tiwary says:
  
  1 Feb 2020 at 5:12 am
  
  thank you
  
  LikeLike
  
  Reply

Learn Linux CCNA CEH IPv6 Cyber-Security Online

Top Posts & Pages

Blog Stats

Google Translation

Blog Stats

How to setup VLAN on a cisco switch