LAB CATALYST 2950 SWITCH CONFIGURATION
Prerequisite Setup – You will configure an Ethernet router with an IP address of 197.10.1.1 255.255.255.0 to E0. You will connectE0 on your Router to E0/1 on Switch1. You will then connect Switch 1 and 2 together via port FA0/12 on each. Finally, you will connect a PC with an IP of 197.10.1.2 255.255.255.0 default gateway 197.10.1.1 to E0/1 via Switch2.
1. In this lab, you will configure basic IOS commands on switch1 and switch2 which are Catalyst 2950 switches.
2. HyperTerminal into Switch1 (Catalyst 2950). Press enter to get into the user prompt mode.
Enter enable to get into privileged mode.
Type ? to see a list of privileged mode commands. Enter disable to go back to user mode.
enter
> enable
# ?
# disable
>
3. On switch1, go into privileged mode and then into global configuration mode. Assign Switch1 a host name of 2950sw1.
Use exit or ctrl-z to get out of configuration mode.
> enable
# configure terminal
(config)# hostname 2950sw1
2950sw1(config)# exit
2950sw1#
4. On switch1, type show running-config to see the active configuration.
2950sw1# show running-config
5. On switch1, type copy running-config startup-config to save the active configuration to NVRAM. Display the saved configuration in NVRAM
with the show startup-config command.
2950sw1# copy running-config startup-config
2950sw1# show startup-config
6. On switch1, erase the saved configuration and reload the box.
2950sw1# erase startup-config
2950sw1# reload
7. On switch1, go into privileged mode and then into global configuration mode. Reassign the switch a hostname of 2950sw1 and an enable pass of ‘cisco’ (unencrypted).
Assign the switch an IP address of 197.10.1.99 with a subnet mask of 255.255.255.0.
Assign the switch a default gateway of 197.10.1.1 (your router’s Ethernet address).
> enable
# configure terminal
(config)# hostname 2950sw1
2950sw1(config)# enable password cisco
2950sw1(config)# interface vlan1
2950sw1(config-if)# ip address 197.10.1.99 255.255.255.0
2950sw1(config-if)# no shutdown
2950sw1(config-if)# exit
2950sw1(config)# ip default-gateway 197.10.1.1
8. On switch1, issue the show interface vlan1 command to verify that the IP address, mask, and default gateway are correct.
2950sw1# show interface vlan1
9. On switch1, issue the show interfaces command.
2950sw1# show interfaces
10. HyperTerminal into Switch 2 (Catalyst 2950). Configure it with a hostname of 2950sw2 and an enable password of cisco
(the enable password should be encrypted when displaying the configuration file). Assign an IP address of 197.10.1.100/24 and a default gatew
of 197.10.1.1.
> enable
# configure terminal
(config)# hostname 2950sw2
2950sw2(config)# enable secret cisco
2950sw2(config)# interface vlan1
2950sw2(config-if)# ip address 197.10.1.100 255.255.255.0
2950sw2(config-if)# no shutdown
2950sw2(config-if)# exit
2950sw2(config)# ip default-gateway 197.10.1.1
On switch2, issue the show version command.
2950sw2# show version
11. On switch4, issue the show spantree command.
2950sw4# show spantree
12. On switch2, issue the show mac-address-table command. This shows which devices are attached to which switch ports.
2950sw4# show mac-address-table
13. On switch2, permanently assign a device with MAC address 4444-4444-4444 to port fa0/5. Issue the show mac-address-table command to verify the device is in the table as a permanent entry.
2950sw2(config)# mac-address-table static 4444-4444-4444 vlan 1 int fa0/5
2950sw2(config)# exit
2950sw2# show mac-address-table
14. On switch2, configure port security for port fa0/9. The switch will ‘sticky-learn’ the MAC address of the device connected to port fa0/9 and will only allow that device to connect to the port in the future.
2950sw2(config)# interface fa0/9
2950sw2(config-if)# switchport port-security
2950sw2(config-if)# switchport port-security maximum 1
LAB VLANs and TRUNKING (Catalyst 2950 Switches)
1. In this lab, you will set up VLANs on switch1 and switch2 (Catalyst 2950 switches) and test them by pinging between your router and PC.
Your Router is connected to e0/1 on switch1 and the PC is connected to e0/1 on switch2.
Switch1 and switch2 are interconnected through their fa0/12 Fast Ethernet ports.
2. On the PC using winipcfg, configure an IP address of 197.10.1.2/24 and a default gateway of 197.10.1.1.
c:> winipcfg
3. Verify you can presently ping between the PC and your router. If you cannot ping successfully, check that your router’s Ethernet0 IP address is 197.10.1
and that the interface is enabled. Also, using the winipcfg utility, check that PC has a configured IP address of 197.10.1.2/24.
c:> ping 197.10.1.1
4. On switch1 and switch2, issue the show vlan command. You should note that, by default, all switch ports are in VLAN1. Because your router, PC and the switch-to-switch link are all in VLAN1, you should be able to ping between the PC2 and the router.
2950swx# show vlan
5. On switch1 and switch2, set up a VTP domain called ciscokits. Verify it has been created with the show vtp status command.
2950swx# vlan database
2950swx(vlan)# vtp domain ciscokits
2950swx(vlan)# ctrl-z
2950swx# show vtp status
6. On switch1 and switch2, create VLAN 20, calling it 2950vlan. Issue the show vlan command to verify it was successfully created.
2950swx# vlan database
2950swx(vlan)# vlan 20 name 2950vlan
2950swx(vlan)# exit
2950swx# show vlan
7. On switch1 and switch2, assign the fa0/1 ports to the new VLAN you created. Your Router and PC are attached to these ports. Issue the show vlan command on both switches to verify these ports have been moved to VLAN20. .
2950swx(config)# interface fa0/1
2950swx(config-if)# switchport access vlan 20
2950swx(config-if)# ctrl-z
2950swx# show vlan
8. Now that both your router and PC are in VLAN20, try to ping from the PC to the router. It should fail.
c:> ping 197.10.1.1
9. Make the link between switch1 and switch2 a trunk line capable of carrying traffic for any VLAN.
Use the show interface fa0/12 switchport command to verify trunking is enabled on port fa0/12 on both switches.
2950swx(config)# interface fa0/12
2950swx(config-if)# switchport mode trunk
2950swx(config-if)# ctrl-z
2950swx# show interface fa0/12 switchport
10. Now ping between the PC and the router. The pings should succeed because both devices are in the same VLAN and the inter-switch link is a trunk line capable of carrying traffic for any VLAN.
c:> ping 197.10.1.1
Tuesday, September 30, 2008
3 WAY TO SETUP ROUTER WITH FRAME RELAY
Hardware Requirement:
* 1 Router with 2 Serials
* 2 Router with 1 Serial
* 2 DTE/DCE Serial Cables
* IOS Version 11.x or later
CONFIGURATION OF FRAME RELAY ROUTER
Router>enable
Router#conf t
Router(config)#hostname FR
FR(config)#enable password cisco
FR(config)#frame-relay switching
FR(config-if)#int s0
FR(config-if)# no ip address
FR(config-if)# encapsulation frame-relay
FR(config-if)# clockrate 64000
FR(config-if)# frame-relay lmi-type ansi
FR(config-if)# frame-relay intf-type dce
FR(config-if)# frame-relay route 100 interface Serial1 200
FR(config-if)# no shut
FR(config-if)#int s1
FR(config-if)# no ip address
FR(config-if)# encapsulation frame-relay
FR(config-if)# clockrate 64000
FR(config-if)# frame-relay lmi-type ansi
FR(config-if)# frame-relay intf-type dce
FR(config-if)# frame-relay route 200 interface Serial0 100
FR(config-if)# no shut
FR(config-line)#line vty 0 4
FR(config-line)# password cisco
FR(config-line)# login
FR(config-line)#end
FR#write
CONFIGURATION OF ROUTER 1
Router>Enable
Router#conf t
Router(config)#hostname R1
R1(config)#enable password cisco
R1(config-line)#line vty 0 4
R1(config-line)# password cisco
R1(config-line)# login
R1(config)#int loopback 0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R1(config-if)#no shut
R1(config-if)#int s0
R1(config-if)# encapsulation frame-relay
R1(config-if)# frame-relay lmi-type ansi
R1(config-if)# no shut
R1(config)#int Serial0.1 point-to-point
R1(config-subif)# ip address 192.168.1.1 255.255.255.0
R1(config-subif)# frame-relay interface-dlci 100
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
R1#write
CONFIGURATION OF ROUTER 2
Router>Enable
Router#conf t
Router(config)#hostname R2
R2(config)#enable password cisco
R2(config-line)#line vty 0 4
R2(config-line)# password cisco
R2(config-line)# login
R2(config)#int loopback 0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#no shut
R2(config)#int s0
R2(config-if)# no ip address
R2(config-if)# encapsulation frame-relay
R2(config-if)# frame-relay lmi-type ansi
R2(config-if)# no shut
R2(config-if)#interface Serial0.1 point-to-point
R2(config-subif)# ip address 192.168.1.2 255.255.255.0
R2(config-subif)# frame-relay interface-dlci 200
R2(config-if)#no ip classless
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
R2#write
TEST CONNECTIVITY OF FRAME RELAY ROUTER
FR#sho frame route
Input Intf Input Dlci Output Intf Output Dlci Status
Serial0 100 Serial1 200 active
Serial1 200 Serial0 100 active
FR#
TESTING CONNECTIVITY ROUTER 1
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36
ms
R1#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/61/64
ms
R1#show frame-relay map
Serial0.1 (up): point-to-point dlci, dlci 100(0x64,0x1840), broadcast
status defined, active
R1#sho ip route
(Output omitted)
Gateway of last resort is 192.168.1.2 to network 0.0.0.0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 192.168.1.0/24 is directly connected, Serial0.1
S* 0.0.0.0/0 [1/0] via 192.168.1.2
R1#
TESTING CONNECTIVITY ROUTER 2
R2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms
R2#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/62/68 ms
R2#sho frame map
Serial0.1 (up): point-to-point dlci, dlci 200(0xC8,0x3080), broadcast
status defined, active
R2#sho ip route
(Output omitted)
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
C 192.168.1.0/24 is directly connected, Serial0.1
S* 0.0.0.0/0 [1/0] via 192.168.1.1
R2#
Frame Relay Monitoring
Router# show interface or show interface serial are the most common commands which show a wide variety of information including showing you the DLCI used for LMI. When monitoring Frame Relay information on the router, a number of items are typically monitored including DLCI and LMI.
Router# debug frame-relay LMI command that you would use to monitor LMI information
Frame Relay Troubleshooting
If a Frame-Relay DLCI attains a state other than “active” meaning inactive or deleted, you can check the Frame-Relay configuration to make sure its configuration matches the configuration of the router acting as the Frame-Relay DTE device.
Router# show frame-relay pvc - can be used to verify that the Frame-Relay PVCs are active and operational
Router# show frame-relay route - can be used to get a listing of the status of all the PVC’s
Router# show frame-relay map - can be used to verify that inverse ARP has successfully mapped remote network layer addresses to the appropriate DLCI.
* 1 Router with 2 Serials
* 2 Router with 1 Serial
* 2 DTE/DCE Serial Cables
* IOS Version 11.x or later
CONFIGURATION OF FRAME RELAY ROUTER
Router>enable
Router#conf t
Router(config)#hostname FR
FR(config)#enable password cisco
FR(config)#frame-relay switching
FR(config-if)#int s0
FR(config-if)# no ip address
FR(config-if)# encapsulation frame-relay
FR(config-if)# clockrate 64000
FR(config-if)# frame-relay lmi-type ansi
FR(config-if)# frame-relay intf-type dce
FR(config-if)# frame-relay route 100 interface Serial1 200
FR(config-if)# no shut
FR(config-if)#int s1
FR(config-if)# no ip address
FR(config-if)# encapsulation frame-relay
FR(config-if)# clockrate 64000
FR(config-if)# frame-relay lmi-type ansi
FR(config-if)# frame-relay intf-type dce
FR(config-if)# frame-relay route 200 interface Serial0 100
FR(config-if)# no shut
FR(config-line)#line vty 0 4
FR(config-line)# password cisco
FR(config-line)# login
FR(config-line)#end
FR#write
CONFIGURATION OF ROUTER 1
Router>Enable
Router#conf t
Router(config)#hostname R1
R1(config)#enable password cisco
R1(config-line)#line vty 0 4
R1(config-line)# password cisco
R1(config-line)# login
R1(config)#int loopback 0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R1(config-if)#no shut
R1(config-if)#int s0
R1(config-if)# encapsulation frame-relay
R1(config-if)# frame-relay lmi-type ansi
R1(config-if)# no shut
R1(config)#int Serial0.1 point-to-point
R1(config-subif)# ip address 192.168.1.1 255.255.255.0
R1(config-subif)# frame-relay interface-dlci 100
R1(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.2
R1#write
CONFIGURATION OF ROUTER 2
Router>Enable
Router#conf t
Router(config)#hostname R2
R2(config)#enable password cisco
R2(config-line)#line vty 0 4
R2(config-line)# password cisco
R2(config-line)# login
R2(config)#int loopback 0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#no shut
R2(config)#int s0
R2(config-if)# no ip address
R2(config-if)# encapsulation frame-relay
R2(config-if)# frame-relay lmi-type ansi
R2(config-if)# no shut
R2(config-if)#interface Serial0.1 point-to-point
R2(config-subif)# ip address 192.168.1.2 255.255.255.0
R2(config-subif)# frame-relay interface-dlci 200
R2(config-if)#no ip classless
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
R2#write
TEST CONNECTIVITY OF FRAME RELAY ROUTER
FR#sho frame route
Input Intf Input Dlci Output Intf Output Dlci Status
Serial0 100 Serial1 200 active
Serial1 200 Serial0 100 active
FR#
TESTING CONNECTIVITY ROUTER 1
R1#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36
ms
R1#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/61/64
ms
R1#show frame-relay map
Serial0.1 (up): point-to-point dlci, dlci 100(0x64,0x1840), broadcast
status defined, active
R1#sho ip route
(Output omitted)
Gateway of last resort is 192.168.1.2 to network 0.0.0.0
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
C 192.168.1.0/24 is directly connected, Serial0.1
S* 0.0.0.0/0 [1/0] via 192.168.1.2
R1#
TESTING CONNECTIVITY ROUTER 2
R2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms
R2#ping 192.168.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/62/68 ms
R2#sho frame map
Serial0.1 (up): point-to-point dlci, dlci 200(0xC8,0x3080), broadcast
status defined, active
R2#sho ip route
(Output omitted)
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
C 192.168.1.0/24 is directly connected, Serial0.1
S* 0.0.0.0/0 [1/0] via 192.168.1.1
R2#
Frame Relay Monitoring
Router# show interface or show interface serial are the most common commands which show a wide variety of information including showing you the DLCI used for LMI. When monitoring Frame Relay information on the router, a number of items are typically monitored including DLCI and LMI.
Router# debug frame-relay LMI command that you would use to monitor LMI information
Frame Relay Troubleshooting
If a Frame-Relay DLCI attains a state other than “active” meaning inactive or deleted, you can check the Frame-Relay configuration to make sure its configuration matches the configuration of the router acting as the Frame-Relay DTE device.
Router# show frame-relay pvc - can be used to verify that the Frame-Relay PVCs are active and operational
Router# show frame-relay route - can be used to get a listing of the status of all the PVC’s
Router# show frame-relay map - can be used to verify that inverse ARP has successfully mapped remote network layer addresses to the appropriate DLCI.
Sunday, September 28, 2008
CCNP-642-801- Lab tutorial
Network Discovery-Router 1
Network Discovery-Router 2
Network Discovery-Router 3
Configuring Single Area OSPF 1
Configuring Single Area OSPF 2
Config OSPF NBMA Environment
Config OSPF NBMA Network
Config Multi-area OSPF Network
Verify MultiMulti-area OSPF Network
Stub Areas
Totally Stubby Areas
Not So Stubby Areas-Creation
Virtual Links Setup 1
Virtual Links Setup 2
IP Helper-Adress Command
Redundant EIGRP Routers A-C
Redundant EIGRP Routers D&E
Redundant EIGRP Testing
EIGRP Across Frame-Relay I
EIGRP Across Frame-Relay II
Configuring BGP
BGP Route Reflection AS 100
IGRP integration
Directed-Broadcast Handling
Configuring Basic BGP
Creating a BGP Router Reflector
Configuring BGP Connection Weight
Modifying Redist Admin Distances
Redistribution with Router Filters
Router Map Creation
Link download
Network Discovery-Router 2
Network Discovery-Router 3
Configuring Single Area OSPF 1
Configuring Single Area OSPF 2
Config OSPF NBMA Environment
Config OSPF NBMA Network
Config Multi-area OSPF Network
Verify MultiMulti-area OSPF Network
Stub Areas
Totally Stubby Areas
Not So Stubby Areas-Creation
Virtual Links Setup 1
Virtual Links Setup 2
IP Helper-Adress Command
Redundant EIGRP Routers A-C
Redundant EIGRP Routers D&E
Redundant EIGRP Testing
EIGRP Across Frame-Relay I
EIGRP Across Frame-Relay II
Configuring BGP
BGP Route Reflection AS 100
IGRP integration
Directed-Broadcast Handling
Configuring Basic BGP
Creating a BGP Router Reflector
Configuring BGP Connection Weight
Modifying Redist Admin Distances
Redistribution with Router Filters
Router Map Creation
Link download
Subscribe to:
Posts (Atom)
Posts
