2020-06-29

Published June 29, 2020 by mark with 0 comment

InterVLAN Routing on Layer 3 Cisco Switch

1. Enable IP routing on the switch.

Switch#conf t
Switch(config)# ip routing


2. Create a VLAN.

Switch(config)#vlan 10
Switch(config-vlan)#name MARKETING
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name HR
Switch(config-vlan)#exit


3. Configure VLAN interface with IP Address.

Switch(config)#int vlan 10
Switch(config-if)#ip address 10.0.10.250 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#int vlan 20
Switch(config-if)#ip address 10.0.20.250 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#


4. Configure one interface of the switch to become default router.

Switch(config)#int gigabitEthernet 2/0/1
Switch(config-if)#no switchport
Switch(config-if)#no shutdown
Switch(config-if)#ip address 10.0.1.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#exit
Switch#copy run start


5. Configure DHCP for each VLAN.

Switch#conf t
Switch(config)#ip dhcp pool MARKETING
Switch(dhcp-config)#network 10.0.10.0 255.255.255.0
Switch(dhcp-config)#default-router 10.0.10.250
Switch(dhcp-config)#dns-server 8.8.8.8
Switch(dhcp-config)#ip dhcp excluded-address 10.0.10.250 10.0.10.254
Switch(dhcp-config)#exit
Switch(config)#ip dhcp pool HR
Switch(dhcp-config)#network 10.0.20.250 255.255.255.0
Switch(dhcp-config)#default-router 10.0.20.250
Switch(dhcp-config)#dns-server 8.8.8.8
Switch(dhcp-config)#ip dhcp excluded-address 10.0.20.250 10.0.20.254
Switch(dhcp-config)#exit
Switch(config)#exit
Switch#copy run start


6. Assign VLAN to an interface.

Switch#conf t
Switch(config)#int range gigabitEthernet 20/0/2-10
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#no shutdown
Switch(config-if-range)#exit
Switch(config)#
Switch(config)#int range gigabitEthernet 2/0/11-22
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#no shutdown
Switch(config-if-range)#exit
Switch(config)#



Read More

2020-06-28

Published June 28, 2020 by mark with 0 comment

Initial Configuration on Cisco Switch

Switch>
Switch>enable
Switch#
Switch#conf t
Switch(config)#no logging console
Switch(config)#no ip domain lookup
Switch(config)#no service config
Switch(config)#service password-encryption
Switch(config)#enable secret cisco


Restrict Access to Switch via Console.

Switch(config)#line console 0
Switch(config-line)#password cisco1
Switch(config-line)#login
Switch(config-line)#exec-timeout 5
Switch(config-line)#logging synchronous
Switch(config-line)#exit


Restrict Access to Switch via Telnet.

Switch(config)#line vty 0 4
Switch(config-line)#password cisco1
Switch(config-line)#login
Switch(config-line)#exec-timeout 5
Switch(config-line)#logging synchronous
Switch(config-line)#end
Switch#copy run start

Configure a Trunk Port
We need to configure a trunk port when we connect
two or more switches on our network.

Switch#conf t
Switch(config)#int range fa0/23-24
Switch(config-if-range)#no shutdown
Switch(config-if-range)#switchport trunk encapsulation dot1q
Switch(config-if-range)#switchport mode trunk

Configure a VLAN

 Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 10
Switch(config-vlan)#name ACCOUNTING

Assign Ports to a VLAN

 Switch(config-vlan)#int range giga0/1-10
Switch(config-if-range)no shutdown
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#exit
Switch(config)#do show vlan br

Configure Port Security

Switch#conf t
Switch(config)#int range fa0/1-22
Switch(config-if-range)#switchport port-security mac-address sticky                                          Switch(config-if-range)#switchport port-security maximum 1
Switch(config-if-range)#switchport port-security violation shutdown
Switch(config-if-range)#switchport port-security




Read More

2020-06-18

Published June 18, 2020 by mark with 0 comment

Configure Dual ISP Failover in Cisco



1. Configure the first router for your first ISP.

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip route 0.0.0.0 0.0.0.0 10.0.10.1
Router(config)#exit

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fastEthernet 2/0
Router(config-if)#description WAN
Router(config-if)#ip address 10.0.10.2 255.255.255.0
Router(config-if)#ip nat outside
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#exit
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]

Router(config)#int fa2/1
Router(config-if)#description LAN
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.1.1 255.255.0.0
Router(config-if)#ip nat inside
Router(config-if)#standby 1 ip 192.168.1.3
Router(config-if)#standby 1 priority 105
Router(config-if)#standby 1 preempt
Router(config-if)#exit
Router(config)#exit

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip name-server 8.8.8.8
Router(config)#ip name-server 8.8.4.4
Router(config)#exit
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]

Router(config)#ip access-list standard LAN
Router(config-std-nacl)#permit 192.168.0.0 0.0.255.255
Router(config-std-nacl)#exit
Router(config)#ip nat inside source list LAN int fa2/0 overload
Router(config)#exit
Router#copy run start

2. Configure the second router for your second ISP.

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip route 0.0.0.0 0.0.0.0 10.0.11.1
Router(config)#exit

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa
Router(config)#int fastEthernet 2/0
Router(config-if)#description WAN
Router(config-if)#ip address 10.0.11.2 255.255.255.0
Router(config-if)#ip nat outside
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#exit
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]

Router(config)#int fa2/1
Router(config-if)#description LAN
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.1.1 255.255.0.0
Router(config-if)#ip nat inside
Router(config-if)#standby 1 ip 192.168.1.3
Router(config-if)#standby 1 preempt
Router(config-if)#exit
Router(config)#exit

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#ip name-server 8.8.8.8
Router(config)#ip name-server 8.8.4.4
Router(config)#exit
Router#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]

Router(config)#ip access-list standard LAN
Router(config-std-nacl)#permit 192.168.0.0 0.0.255.255
Router(config-std-nacl)#exit
Router(config)#ip nat inside source list LAN int fa2/0 overload
Router(config)#exit
Router#copy run start


3. Configure the IP address of the client pc.

IP address: 192.168.1.10
Subnet Mask: 255.255.0.0
Gateway: 192.168.1.3
DNS Server: 8.8.8.8

4. Connect the 2 network cables from your 2 routers into the switch.
    Try to type ping 8.8.8.8 on the command prompt on the computer that was
    connected to the switch. Then unplug the cable of your first router from the
    switch. The computer will be disconnected to the internet for few seconds.                                           It will automatically connect to your second ISP.
Read More

Published June 18, 2020 by mark with 0 comment

Bandwidth Limit on Cisco Router

1. Configure Access List for each IP address or Network.

2. Apply a Class - Map for each access-list.

3.Setup a Policy-Map.

4.Apply the Service - Policy to an interface of the router.

On this tutorial, it limit the download speed into 10Mbps and 20Mbps.
Test your bandwidth using Speedtest.net website.
Don't forget to save your work using copy run start command.




Read More
Published June 18, 2020 by mark with 0 comment

Basic Configuration for Cisco Router


This is the basic configuration for your Cisco router.Access your router and type
the following commands.

Router>
Router>enable
Router#
Router#conf t
Router(config)#no logging console
Router(config)#no ip domain lookup
Router(config)#no service config
Router(config)#service password-encryption
Router(config)#enable secret cisco

Restrict access to the router via console.

Router(config)#line console 0
Router(config-line)#password cisco1
Router(config-line)#login
Router(config-line)#exec-timeout 5
Router(config-line)#logging synchronous
Router(config-line)#exit

Restrict access to the router via telnet.

Router(config)#line vty 0 4
Router(config-line)#password cisco1
Router(config-line)#login
Router(config-line)#exec-timeout 5
Router(config-line)#logging synchronous
Router(config-line)#end
Router#copy run start

Configure Static Route.

Router#
Router#conf t
Router(config)#
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1

Note. Supposed 192.168.1.1 is the given gateway IP address of the ISP

Configure ISP's IP address and NAT on the interface fa0/0.

Router(config)#int fa0/0
Router(config-if)#description WAN
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#ip nat outside
Router(config-if)#exit

Configure IP address and NAT for local area network.

Router(config)#
Router(config)#int fa0/1
Router(config-if)#description LAN
Router(config-if)#ip address 10.0.10.1 255.255.255.0
Router(config-if)#ip nat inside
Router(config-if)#no shutdown
Router(config-if)#exit


Configure Access Control List and PAT to connect to internet.

Router(config)#ip access-list standard LAN
Router(config-std-nacl)#permit 10.0.10.0 0.0.0.255
Router(config-std-nacl)#exit
Router(config)#ip nat inside source list LAN int fa0/0 overload
Router(config)#exit
Router#copy run start

Configure the DHCP Server

Router#
Router#conf t
Router(config)#ip dhcp excluded-address 10.0.10.1 10.0.10.10
Router(config)#ip dhcp pool CISCO
Router(dhcp-config)#network 10.0.10.0 255.255.255.0
Router(dhcp-config)#default-router 10.0.10.1
Router(dhcp-config)#dns-server 8.8.8.8
Router(dhcp-config)#exit






Read More

Subscribe to: Posts (Atom)