The connected users are mainly distributed in four parts, namely: Production Department, Finance Department, Information Center and Human Resources Department. The VLAN is mainly divided into separate VLANs for these four parts of users to ensure that the network resources of the corresponding department are not stolen or destroyed.
Now, in order to ensure the security needs of the corresponding part of the company's network resources, especially for sensitive departments such as the Finance Department and the Human Resources Department, the information on the network does not want too many people to enter and exit at will, so the company adopted the VLAN method to solve the above problems. Through the division of VLANs, the company's main network can be divided into four main parts: production department, finance department, personnel department and information center. The corresponding VLAN groups are named: Prod, Fina, Huma, and Info. The corresponding network segments for each VLAN group are shown in the following table.
VLAN number
VLAN name Port number 2ProdSwitch 1 2-21 3FinaSwitch2 2-164HumaSwitch3 2-95InfoSwitch3 10-21[Note] The reason why the switch's VLAN number starts from "2" is that the switch has a default VLAN, that is, "1" VLAN, which includes all users connected to the switch.
The VLAN configuration process is actually very simple, with only two steps: (1) Naming each VLAN group; (2) Corresponding to the corresponding VLAN to the corresponding switch port.
The following is the specific configuration process:
Step 1: Set up the hyper terminal, connect to the 1900 switch, and configure the switch's VLAN through the hyper terminal. After the connection is successful, the main configuration interface shown below appears (the switch has completed the configuration of basic information before):
1 user(s) now active on Management Console.
User Interface Menu
[M] Menus
[K] Command Line
[I] IP Configuration
Enter Selection:
[Note] Hyperter terminal is performed using the "Hypertrm" program that comes with Windows system. For details, please refer to the relevant information.
Step 2: Click the "K" button, select the "[K] Command Line" option in the main interface menu, and enter the following command line configuration interface:
CLI session with the switch is open.
To end the CLI session,enter [Exit ].
>
At this time, we entered the switch's normal user mode. Just like a router, this mode can only view the current configuration, cannot change the configuration, and the commands that can be used are very limited. So we have to go into "privileged mode".
Step 3: Enter the privileged mode command "enable" at the previous step ">" prompt to enter the privileged mode, enter the privileged mode, the command format is ">enable". At this time, you enter the privileged mode prompt configured by the switch:
#config t
Enter configuration commands,one per with CNTL/Z
(config)#
Step 4: For security and convenience, we name these three Catalyst 1900 switches and set the login password for privileged mode. The following is only introduced with Switch1 as an example. The configuration code is as follows:
(config)#hostname Switch1
Switch1(config)# enable password level 15 XXXXXX
Switch1(config)#
[Note] The privileged mode password must be 4 to 8 characters. Please note that the password entered here is displayed directly in plain text, so please be sure to keep it confidential. The switch uses the level size to determine the password permissions. Level 1 is the password to enter the command line interface. That is to say, after setting the password of level 1, you will be asked to enter the password next time you connect to the switch and enter K, and this password is the password set by level 1. level 15 is the privileged mode password you enter after entering the "enable" command.
Step 5: Set the VLAN name. Because the four VLANs belong to different switches, the command named VLAN is "vlan vlan name vlan name vlan name . The code for configuring VLANs 2, 3, 4 and 5 on Switch1, Switch2, Switch3, and switches is:
Switch1 (config)#vlan 2 name Prod
Switch2 (config)#vlan 3 name Fina
Switch3 (config)#vlan 4 name Huma
Switch3 (config)#vlan 5 name Info
[Note] The above configuration is carried out according to the rules of Table 1.
Step 6: In the previous step, we configured VLAN groups for each switch, and now we need to correspond to the switch port numbers specified in Table 1. The command corresponding to the port number is "vlan-membership static/ dynamic VLAN number". In this command, you must choose one of the "static" and "dynamic" allocation methods, but usually the "static" method is selected. The VLAN port number application configuration is as follows:
(1). The VLAN port number of the switch named "Switch1" is configured as follows:
Switch1(config)#int e0/2
Switch1(config-if)#vlan-membership static 2
Switch1(config-if)#int e0/3
Switch1(config-if)#vlan-membership static 2
Switch1(config-if)#int e0/4
Switch1(config-if)#vlan-membership static 2
……
Switch1(config-if)#int e0/20
Switch(config-if)#vlan-membership static 2
Switch1(config-if)#int e0/21
Switch1(config-if)#vlan-membership static 2
Switch1(config-if)#
[Note] "int" is the abbreviation of the "nterface" command, which means interface. "e0/3" is the abbreviation of "ethernet 0/2", which represents the switch's module No. 2 port.
(2). The VLAN port number of the switch named "Switch2" is configured as follows:
Switch2(config)#int e0/2
Switch2(config-if)#vlan-membership static 3
Switch2(config-if)#int e0/3
Switch2(config-if)#vlan-membership static 3
Switch2(config-if)#int e0/4
Switch2(config-if)#vlan-membership static 3
……
Switch2(config-if)#int e0/15
Switch2(config-if)#vlan-membership static 3
Switch2(config-if)#int e0/16
Switch2(config-if)#vlan-membership static 3
Switch2(config-if)#
(3). The VLAN port number of the switch named "Switch3" is configured as follows (it includes the configuration of two VLAN groups). Let's first look at the configuration code of VLAN 4 (Huma):
Switch3(config)#int e0/2
Switch3(config-if)#vlan-membership static 4
Switch3(config-if)#int e0/3
Switch3(config-if)#vlan-membership static 4
Switch3(config-if)#int e0/4
Switch3(config-if)#vlan-membership static 4
……
Switch3(config-if)#int e0/8
Switch3(config-if)#vlan-membership static 4
Switch3(config-if)#int e0/9
Switch3(config-if)#vlan-membership static 4
Switch3(config-if)#
Here is the configuration code for VLAN5 (Info):
Switch3(config)#int e0/10
Switch3(config-if)#vlan-membership static 5
Switch3(config-if)#int e0/11
Switch3(config-if)#vlan-membership static 5
Switch3(config-if)#int e0/12
Switch3(config-if)#vlan-membership static 5
……
Switch3(config-if)#int e0/20
Switch3(config-if)#vlan-membership static 5
Switch3(config-if)#int e0/21
Switch3(config-if)#vlan-membership static 5
Switch3(config-if)#
OK, we have defined all VLANs to the ports of the corresponding switch according to the requirements of Table 1. To verify our configuration, you can use the "show vlan" command in privileged mode to display the configuration you just made and check whether it is correct.
The above is an introduction to the VLAN configuration of Cisco Catalyst 1900 switch. The VLAN configuration methods of other switches are basically similar. Please refer to the relevant switch instructions.
Article entry: aaadxmm Editor in charge: aaadxmm