==
Home » Uncategories » Cisco Switch Configuration

Cisco Switch Configuration

Cisco Switch Configuration





ENABLE
CONFIGURE TERMINAL

!********** HOSTNAME *********
HOSTNAME N1-B1-SW1

!********** ENABLE PASSWORD *********
ENABLE SECRET CISCO

!********** VTY LINE *********
LINE VTY 0 4
  SECRET CISCO

!********** CONSOLE LINE *********
LINE CONSOLE 0
  SECRET CISCO
  EXEC-TIMEOUT 180
  LOGGING SYNCHRONOUS
  NO IP DOMAIN LOOKUP

!********** BANNER MOTD *********
BANNER MOTD $
**
**
*****************************
******* DO NOT LOG IN *******
*****************************
**
**
$

!********** DOMAIN / SSH *********
IP DOMAIN-NAME LAB1.COM
CRYPTO KEY GENERATE RSA
1024
IP SSH VERSION 2

!********** SERVER *********
IP NAME-SERVER 4.2.2.2 4.2.2.3
NO IP HTTP SERVER
NPT SERVER 64.73.32.135

!********** VLAN *********
CONFIGURE TERMINAL
INTERFACE VLAN 1
 SHUTDOWN
 EXIT


!********** VLAN 71 *********

 INTERFACE VLAN 71
 IP ADDRESS 10.1.71.1 255.255.255.0
 NO SHUT DOWN
 END


!********** WRITE TO MEMORY *********!**********!**********

WRITE MEM

!********** OBJECTIVE 2 *********!**********!**********

!********** MAY BE USE ON GNS3
CONFIGURE TERMINAL
VTP FILE NVRAM:VLAN.DAT
DO WRITE MEM
EXIT

!********** SW1 *********!**********!**********

VLAN DATABASE
VLAN 64 NAME "CLIENT VOICE"
VLAN 66 NAME "CLIENT DATA"
VLAN 68 NAME "SERVER"
VLAN 69 NAME "PUBLIC WIFI"
VLAN 70 NAME "PRIVATE LAB"
VLAN 71 NAME " MANAGEMENT"
VLAN 10 NAME "INTERNET DMZ"

!********** SW2 & SW3 *********

VLAN DATABASE
VLAN 64 NAME "CLINET VOICE"
VLAN 66 NAME "CLIENT DATA"
VLAN 69 NAME "PUBLIC WIFI"
VLAN 71 NAME "MANAGEMENT"

!********** OBJECTIVE 3 ETHERCHANNEL  *********

!*** SW1 ***
CONFIGURE TERMINAL
INTERFACE RANGE FASTETHERNET 1/0 - 1
CHANNEL-GROUP 1 MODE ON

INTERFACE RANGE FASTETHERNET 1/2 - 3
CHANNEL-GROUP 2 MODE ON

!*** SW2 & SW3  *** !**********!**********
CONFIGURE TERMINAL
INTERFACE RANGE FASTETHERNET 1/0 - 1
CHANNEL-GROUP 1 MODE ON

!********** SHOW ETHERCHANNEL SUMMARY **** TO SEE PORTS

!******USE PORT-CHANNEL TO CONFIURE NOT FA 0/1

CONFIGURE TERMINAL
INTERFACE PORT-CHANNEL1
DUPLEX FULL

!********** SHOW IP INT BRIEF *** !**********!**********

!********** SW1 TRUNK *************

CONFIGURE TERMINAL
INTERFACE PORT-CHANNEL 1
SWITCHPORT TRUNK ENCAPSULATION DOT1Q
SWITCHPORT MODE TRUNK

******* SHOW INTERFACES TRUNK  !**********!**********

SWITCHPORT TRUNK ALLOWED VLAN 1, 64, 66, 69, 71, 1002-1005

INTERFACE PORT-CHANNEL 2
SWITCHPORT TRUNK ENCAPSULATION DOT1Q
SWITCHPORT MODE TRUNK

!******* SHOW INTERFACES TRUNK  !**********!**********
!******* BUT BY DEFAULT ALL VLAN ARE INCLUDED  !**********!**********

SWITCHPORT TRUNK ALLOWED VLAN 1, 64, 66, 69, 71, 1002-1005

!********** SW2 & SW3 TRUNK *************

CONFIGURE TERMINAL
INTERFACE PORT-CHANNEL 1
SWITCHPORT TRUNK ENCAPSULATION DOT1Q
SWITCHPORT MODE TRUNK

******* SHOW INTERFACES TRUNK !**********!**********

SWITCHPORT TRUNK ALLOWED VLAN 1, 64, 66, 69, 71, 1002-1005

!********** SW1  VLAN PORTS ASSIGNMENTS *************
CONFIGURE TERMINAL
INTERFACE RANGE FASTETHERNET 1/4 - 13
 SWITCHPORT MODE ACCESS
 SWITCHPORT ACCESS VLAN 68
INTERFACE RANGE FASTETHERNET 1/14
 SWITCHPORT MODE ACCESS
 SWITCHPORT ACCESS VLAN 70
INTERFACE RANGE FASTETHERNET 1/15
 NO SWITCHPORT
 IP ADDRESS 10.1.254.1 255.255.255.252

!********** SW2 & SW3  VLAN PORTS ASSIGNMENTS *************
CONFIGURE TERMINAL
INTERFACE RANGE FASTETHERNET 1/2 - 14
 SWITCHPORT MODE ACCESS
 SWITCHPORT ACCESS VLAN 66
 SWITCHPORT VOICE VLAN 64
INTERFACE RANGE FASTETHERNET 1/15
 SWITCHPORT MODE TRUNK
 SWITCHPORT TRUNK ALLOWED VLAN 1, 66, 69, 71, 1002-1005


!********** OBJECTIVE 6 ----LAYER 3 SWITCHING *******
!********** SW1 *****!**********!**********
CONFIGURE TERMINAL

!***** START ROUTING !**********!**********
IP ROUTING

 INTERFACE VLAN 64
  IP ADDRESS 10.1.64.1 255.255.254.0
  DESCRIPTION "VOICE VLAN"
 INTERFACE VLAN 66
  IP ADDRESS 10.1.66.1 255.255.254.0
  DESCRIPTION "DATA VLAN"
 INTERFACE VLAN 68
  IP ADDRESS 10.1.68.1 255.255.255.0
  DESCRIPTION "SERVER VLAN"
 INTERFACE VLAN 69
  IP ADDRESS 10.1.69.1 255.255.255.0
  DESCRIPTION "PUBLIC WIFI"
 INTERFACE VLAN 70
  IP ADDRESS 10.1.70.1 255.255.255.0
  DESCRIPTION "PRIVATE LAB VLAN"

!********** OBJECTIVE 7 *** SPANNING TREE *****
!********** SPANNING TREE HELP IN LOAD BALANCING ****
!********** SW1 *****!**********!**********
SPANNING-TREE VLAN 64 ROOT PRIMARY
SPANNING-TREE VLAN 66 ROOT PRIMARY
SPANNING-TREE VLAN 68 ROOT PRIMARY
SPANNING-TREE VLAN 69 ROOT PRIMARY
SPANNING-TREE VLAN 70 ROOT PRIMARY
SPANNING-TREE VLAN 71 ROOT PRIMARY

INTERFACE RANGE FASTETHERNET 1/5 - 15
 SPANNING-TREE PORTFAST

!********** SW2 & SW3 *****!**********!**********

INTERFACE RANGE FASTETHERNET 1/2 - 14
 SPANNING-TREE PORTFAST

!**********!********** OBJECTIVE 8 --END DEVICE CONFIGURATION !**********!**********
!**********!********** SERVER !**********!**********
!**********!********** NOTE: ADD SPEED AND DUPLEX
CONFIGURE TERMINAL
HOSTNAME SERVER
INTERFACE FASTETHERNET 0/0
 IP ADDRESS 10.1.68.50 255.255.255.0
 SPEED 100
 DUPLEX FULL
 NO SHUTDOWN
 EXIT

NO IP ROUTING
IP DEFAULT-GATEWAY 10.1.68.1
NO IP DOMAIN-LOOKUP

!**********!********** PC1 !**********!**********

CONFIGURE TERMINAL
HOSTNAME PC1
INTERFACE FASTETHERNET 0/0
 IP ADDRESS 10.1.66.50 255.255.254.0
 SPEED 100
 DUPLEX FULL
 NO SHUTDOWN
 EXIT

NO IP ROUTING
IP DEFAULT-GATEWAY 10.1.66.1
NO IP DOMAIN-LOOKUP

!**********!********** PC2 !**********!**********

CONFIGURE TERMINAL
HOSTNAME PC2
INTERFACE FASTETHERNET 0/0
 IP ADDRESS 10.1.66.51 255.255.254.0
 SPEED 100
 DUPLEX FULL
 NO SHUTDOWN
 EXIT

NO IP ROUTING
IP DEFAULT-GATEWAY 10.1.66.1
NO IP DOMAIN-LOOKUP


!**********!********** ROUTER ON A STICK !**********!**********
!**********!********** OPTIONAL **** NOT GOOD PRACTISE FOR SECURITY !**********!********** !
!**********!********** REMOVE ALL ROUTING ON SWITCHES// MAKE SURE NO IP ADDRESSES ON THE SWITCH PORTS **********!**********


!**********!********** SW1 !**********!**********

CONFIGURE TERMINAL
INTERFACE FA1/5
NO IP ROUTING
END
!**********!**********!**********!**********

CONFIGURE TERMINAL
INTERFACE FA1/5
SWITCHPORT TRUNK ENCAPSULATION DOT1Q
SWITCHPORT MODE TRUNK


!**********!********** CONFIGURE ROUTER !**********!**********

CONFIGURE TERMINAL
 INTERFACE FA0/0
  NO SHUTDOWN
 
 INTERFACE FA0/0.64
    DESCRIPTION ROUTED INTERFACE FOR VOICE VLAN
    ENCAPSULATION DOT1Q 64
    IP ADDRESS 10.1.64.1 255.255.254.0

 INTERFACE FA0/0.66
    DESCRIPTION ROUTED INTERFACE FOR DATA VLAN
    ENCAPSULATION DOT1Q 66
    IP ADDRESS 10.1.66.1 255.255.254.0

 INTERFACE FA0/0.68
    DESCRIPTION ROUTED INTERFACE FOR SERVER VLAN
    ENCAPSULATION DOT1Q 68
    IP ADDRESS 10.1.68.1 255.255.255.0

 INTERFACE FA0/0.69
    DESCRIPTION ROUTED INTERFACE FOR PUBLIC WIFI VLAN
    ENCAPSULATION DOT1Q 69
    IP ADDRESS 10.1.69.1 255.255.255.0

 INTERFACE FA0/0.70
    DESCRIPTION ROUTED INTERFACE FOR PIRATE LAB VLAN
    ENCAPSULATION DOT1Q 70
    IP ADDRESS 10.1.70.1 255.255.255.0

 INTERFACE FA0/0.71
    DESCRIPTION ROUTED INTERFACE FOR MANAGEMENT VLAN
    ENCAPSULATION DOT1Q 71
    IP ADDRESS 10.1.71.1 255.255.255.0

EXIT















Admin

Pro Teknologi dibuat pada 22 Februari 2017. Blog ini adalah harapan saya agar dapat membagi manfaat kepada orang lain,berupa tips-tips Seputar Blog,Internet,Komputer,dan Info-Info Menarik lainnya.

0 Response to "Cisco Switch Configuration"

Post a Comment

Subscribe to: Post Comments (Atom)