Configuring a Cisco network with routers, switches, VLANs, and DHCP can be challenging yet rewarding for network administrators. In this project, we set up multiple VLANs on a router to segment different types of network traffic, ensuring efficient communication across devices. We used trunking to allow multiple VLANs to communicate between switches and configured DHCP to automatically assign IP addresses to devices. With VLAN 99 dedicated to remote management, network administrators can securely manage network devices via SSH, enhancing security and accessibility. Learning how to configure Cisco routers and switches is essential for this process. This guide will walk you through how to configure the Cisco router and switch, making the task more approachable.
Table of Contents
Step 1: Configuring the Router
- VLAN Subinterface Configuration
- DHCP Configuration for VLANs
- Default VLAN Setup for Network Management
Step 2: Configuring the Main Switch (Switch 1)
- VLAN Creation
- Trunk Port Configuration
- IP Configuration for Management on VLAN 99
Step 3: Configuring Additional Switches
- VLAN Configuration on Switches 2, 3, 4, and 5
- Trunking Between Main and Additional Switches
- Access Port Configuration for PCs and Device Connections
Step 4: Setting Up SSH for Remote Management
- SSH Configuration on Router
- SSH Configuration on Switches
- User Account Setup and Secure Access
Step 5: Testing and Verification
- DHCP IP Allocation Verification
- VLAN Connectivity Testing
- SSH Access and Remote Management Testing
Here’s a step-by-step guide for configuring this Cisco network topology in Packet Tracer. It includes VLAN creation, IP configuration, trunking, DHCP settings, and SSH setup to meet the project plan requirements. You will learn the best practices on configuring Cisco router and switch throughout these steps.
Step 1: Set Up the Router
- Configure VLAN Subinterfaces on the router for inter-VLAN routing:
Router>enable
Router# configure terminals
Router(config)# hostname Howtokh-R
Howtokh-R(config)# interface gigabitEthernet0/0
Howtokh-R(config-if)# ip address 172.10.0.1 255.255.254.0
Howtokh-R(config-if)# no shutdown
Howtokh-R(config)# interface gigabitEthernet0/0.10
Howtokh-R(config-subif)# encapsulation dot1Q 10
Howtokh-R(config-subif)# ip address 10.10.1.1 255.255.255.0
Howtokh-R(config-subif)#no shutdown
Howtokh-R(config)# interface gigabitEthernet0/0.20
Howtokh-R(config-subif)# encapsulation dot1Q 20
Howtokh-R(config-subif)# ip address 10.20.1.1 255.255.255.0
Howtokh-R(config-subif)#no shutdown
Howtokh-R(config)# interface gigabitEthernet0/0.30
Howtokh-R(config-subif)# encapsulation dot1Q 30
Howtokh-R(config-subif)# ip address 10.30.1.1 255.255.255.0
Howtokh-R(config-subif)#no shutdown
Howtokh-R(config)# interface gigabitEthernet0/0.99
Howtokh-R(config-subif)# encapsulation dot1Q 99
Howtokh-R(config-subif)# ip address 10.99.9.1 255.255.255.0
Howtokh-R(config-subif)#no shutdown
Howtokh-R#copy running-config startup-config (This Command to save all configuration)- Enable DHCP on the router for each VLAN:
Howtokh-R(config)# ip dhcp pool Default
Howtokh-R(dhcp-config)# network 172.10.0.0 255.255.254.0
Howtokh-R(dhcp-config)# default-router 172.10.0.1
Howtokh-R(config)# dns-server 8.8.8.8
Howtokh-R(config)# ip dhcp pool VLAN10
Howtokh-R(dhcp-config)# network 10.10.1.0 255.255.255.0
Howtokh-R(dhcp-config)# default-router 10.10.1.1
Howtokh-R(config)# ip dhcp pool VLAN20
Howtokh-R(dhcp-config)# network 10.20.1.0 255.255.255.0
Howtokh-R(dhcp-config)# default-router 10.20.1.1
Howtokh-R(config)# ip dhcp pool VLAN30
Howtokh-R(dhcp-config)# network 10.30.1.0 255.255.255.0
Howtokh-R(dhcp-config)# default-router 10.30.1.1Step 2: Configure Main Switch (Switch 1)
- Create VLANs on the main switch:
Switch1#
Switch1#configure terminal
Switch1(config)#hostname Howtokh-Sw1
Howtokh-Sw1(config)# vlan 10
Howtokh-Sw1(config-vlan)# name VLAN10
Howtokh-Sw1(config)# vlan 20
Howtokh-Sw1(config-vlan)# name VLAN20
Howtokh-Sw1(config)# vlan 30
Howtokh-Sw1(config-vlan)# name VLAN30
Howtokh-Sw1(config)# vlan 99
Howtokh-Sw1(config-vlan)# name VLAN99- Set up trunk ports connecting to the router and other switches:
Howtokh-Sw1(config)# interface gigabitEthernet0/1
Howtokh-Sw1(config-if)# switchport mode trunk
Howtokh-Sw1(config-if)# switchport trunk allowed vlan 1,10,20,30,99
Howtokh-Sw1(config-if)# no shutdown
Howtokh-Sw1(config-if)# do wr
Howtokh-Sw1(config)# interface GigabitEthernet0/2
Howtokh-Sw1(config-if)# switchport mode trunk
Howtokh-Sw1(config-if)# switchport trunk allowed vlan 1,99
Howtokh-Sw1(config-if)# no shutdown
Howtokh-Sw1(config-if)# do wr
Howtokh-Sw1(config)# interface fastEthernet0/2
Howtokh-Sw1(config-if)# switchport mode trunk
Howtokh-Sw1(config-if)# switchport trunk allowed vlan 1,10,30,99
Howtokh-Sw1(config-if)# no shutdown
Howtokh-Sw1(config-if)# do wr
Howtokh-Sw1(config)# interface fastEthernet0/3
Howtokh-Sw1(config-if)# switchport mode trunk
Howtokh-Sw1(config-if)# switchport trunk allowed vlan 1,10,20,30,99
Howtokh-Sw1(config-if)# no shutdown
Howtokh-Sw1(config-if)# do wr
Howtokh-Sw1(config)# interface fastEthernet0/4
Howtokh-Sw1(config-if)# switchport mode trunk
Howtokh-Sw1(config-if)# switchport trunk allowed vlan 1,10,20,30,99
Howtokh-Sw1(config-if)# no shutdown
Howtokh-Sw1(config-if)# do wr- Configure an IP for remote management to (Switch1) (optional for Vlan 99):
Howtokh-Sw1(config)# interface vlan 99
Howtokh-Sw1(config-if)# ip address 10.99.9.2 255.255.255.0
Howtokh-Sw1(config-if)# ip default-gateway 10.99.9.1
Howtokh-Sw1(config-if)# no shutdown
Howtokh-Sw1(config-if)# do wrStep 3: Configure Other Switches
Example for Switch 2:
- Create VLANs on Switch 2:
Switch2#
Switch2#configure terminal
Switch2(config)#hostname Howtokh-Sw2
Howtokh-Sw2(config)# vlan 1
Howtokh-Sw2(config-vlan)# name VLAN1
Howtokh-Sw2(config)# vlan 10
Howtokh-Sw2(config-vlan)# name VLAN10
Howtokh-Sw2(config)# vlan 30
Howtokh-Sw2(config-vlan)# name VLAN30
- Configure trunk port for connection to Switch 1:
Howtokh-Sw2(config)# interface gigabitEthernet0/1
Howtokh-Sw2(config-if)# switchport mode trunk
Howtokh-Sw2(config-if)# switchport trunk allowed vlan 1,10,30,99
Howtokh-Sw2(config-if)# no shutdown
Howtokh-Sw2(config-if)# do wr- Assign Access Ports for PCs:
Howtokh-Sw2(config)# interface fastEthernet0/1
Howtokh-Sw2(config-if)# switchport mode access
Howtokh-Sw2(config-if)# switchport access vlan 10
Howtokh-Sw2(config-if)# no shutdown
Howtokh-Sw2(config-if)# do wr
Howtokh-Sw2(config)# interface fastEthernet0/2
Howtokh-Sw2(config-if)# switchport mode access
Howtokh-Sw2(config-if)# switchport access vlan 10
Howtokh-Sw2(config-if)# no shutdown
Howtokh-Sw2(config-if)# do wr
Howtokh-Sw2(config)# interface fastEthernet0/3
Howtokh-Sw2(config-if)# switchport mode access
Howtokh-Sw2(config-if)# switchport access vlan 10
Howtokh-Sw2(config-if)# no shutdown
Howtokh-Sw2(config-if)# do wr
Howtokh-Sw2(config)# interface fastEthernet0/4
Howtokh-Sw2(config-if)# switchport mode access
Howtokh-Sw2(config-if)# switchport access vlan 30
Howtokh-Sw2(config-if)# no shutdown
Howtokh-Sw2(config-if)# do wr
Howtokh-Sw2(config)# interface fastEthernet0/5
Howtokh-Sw2(config-if)# switchport mode access
Howtokh-Sw2(config-if)# switchport access vlan 1
Howtokh-Sw2(config-if)# no shutdown
Howtokh-Sw2(config-if)# do wrCould you repeat similar steps for Switch 3, Switch 4, and Switch 5 with the appropriate VLANs and access ports? This procedure is crucial for understanding how to configure Cisco routers and switches effectively in a complex network setting.
Step 4: Configure SSH Access on Switches and Router
- Enable SSH on the router and main switch for remote access via VLAN 99.
- Set hostname, domain name, and generate crypto keys.
- Configure SSH user and enable vty lines for SSH access. Example configuration:
Howtokh-R#
Howtokh-R(config)#username admin secret cisco
Howtokh-R(config)#enable secret cisco
Howtokh-R(config)# line vty 0 4
Howtokh-R(config-line)# login local
Howtokh-R(config-line)# transport input ssh
Howtokh-R(config)#ip ssh version 2
Howtokh-R(config)# ip domain-name howtokh.com
Howtokh-R(config)# crypto key generate rsa
Note: bit rate: 512, 1024,...
Howtokh-R(config)# line con 0
Howtokh-R(config-line)# password cisco
Howtokh-R(config-line)# login local
Howtokh-R(config)# services password-encryption
Howtokh-R(config)# do wr
Step 5: Test Remote to Router for Connectivity
- Ensure PCs are set to receive IP addresses via DHCP.
- Verify IP Configuration on each VLAN by using
pingcommands to ensure connectivity across VLANs and access to the router. - Test SSH access to confirm that SSH can reach devices using VLAN 99.
Remote from Laptop to router with the command: ssh -l admin 10.99.9.1
This setup should enable inter-VLAN routing, and remote management via SSH on VLAN 99. Feel free to let me know if you need additional configurations or troubleshooting tips!
Step 6: Test Remote to Switch-1 for Connectivity
Remote from Laptop to Switch 1 with remote IP address as command: ssh -l admin 10.99.9.2
Suggested Learning for Students
For students interested in mastering Cisco networking, diving into topics like VLANs, trunking, DHCP configuration, and SSH setup is fundamental. Start by practicing on simulators like Cisco Packet Tracer or GNS3, allowing you to experiment safely. Additionally, consider exploring:
- CCNA (Cisco Certified Network Associate) courses, which cover essential networking skills.
- Switching and Routing Protocols like OSPF and EIGRP to improve network performance.
- Network Security basics, including secure remote access methods and ACLs (Access Control Lists).
Building a solid understanding of these Cisco concepts, including how to configure Cisco router and switch, will prepare you well for real-world network management and troubleshooting. Happy learning!
Discover more from How To Kh
Subscribe to get the latest posts sent to your email.