4.2.8 Lab - Configure Router on a Stick Inter VLAN Routing

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi friends welcome to or in this video we are going to discuss CCNA version 7 lab activity configure rotor honestok inter VLAN routing before coming to this activity fronts if you like to get any cc in a project support or CCNA online classes you can contact our team using our website link you will get from the description below and also if you like to get this type of technical videos in future considered subscribing also don't forget to enable that bell icon new to the subscribe button so that you will get notification message whenever we upload a new video no back to our lab activity sure we can see the topology but we have to design in our packet racer also here we can see our addressing table also VLAN table we will go through the objectives in part 1 built the network and configure basic device settings then in part it to create VLANs and a scene as which ports then in part 3 configure and it not to dot1q trunk between the switches then in part 4 configure inter VLAN routing on the rotor then part 5 verify inter VLAN routing is working we will go through the background more and switches use virtual local area networks that is VLANs to provide segmentation services traditionally provided by your orders in LAN configurations billions address scalability security and network management in general VLANs make it easier to design a network to support the goals of an organization communication between VLANs requires a device operating at layer 3 of the OSI model rotors in Velen topologies provide additional security and traffic flow management billion trunks are used to span billions across multiple devices trunks allow the traffic from multiple VLANs to travel over a single link while keeping the VLAN identification and segmentation entire a particular kind of inter VLAN routing called a rotor on a stick use a trunk from the rotor to a switch to enable all VLANs to pass to the rotor in this lab we will create VLANs on both switches in the topology a same variance to a switch access ports verify that VLANs are working as expected create a VLAN trunks between the two switches and between s1 and r1 and configure inter VLAN routing on r1 to allow force in different VLANs to communicate regardless of which is subnet to the house to resides they given a note here the rotors are used to with the CCNA hand sew on elapsed are a Cisco for double to one which is co iOS XZ release sixteen point nine point four the switches are used in the labs are a Cisco Catalyst to name six zero with the Cisco IOS release fifteen point two other outers switches and cisco iOS versions can be used depending on the model and cisco iOS version the commands available and the output produced might vary from what is shown in the lab refer to the rotor interface summary table at the end of the lab for the correct interface identifiers okay we will use these models and we have these models in our cisco packet race or a simulation so again a note ensure that the routers and switches have been erased and have no startup configurations if you are unsure contact your instructor yes if you do with the real rotors and switches so we have to erase these startup configurations here they given the iraq you resources one rotor a cisco for double to one with the Cisco IOS X zero Lee's sixteen point nine point four then two as witches Cisco two and six zero series two PC's control cables then to configure this is choir OS device via the console ports then Ethernet cables are shown in the topology ok we need all these resources except this console cables because we are going to do in cisco packet restore us coming to the instructions in part one built the network and configure basic device settings in part one you will set up the network topology and configure basic settings on the PC host and switches in step one cable the network as shown in the topology attach the devices as shown in the topology diagram and a cable as necessary so here we can see our topology we will design this topology in cisco packet tracer pure Network Devices our routers here we can see here we done how for double to one so instead we will use this for double three one then a two as switches we will use a two nine six zero series click on a switches and here we can see two nine six zero you will have two switches then a two PC's sure we have anti devices and here we can see PC now we will rename these devices it's our one this is s 1 and here is s 2 here is a PC - a and here we have PC - B now coming to the connectivity we will choose connections and a copper straight through you'll press ctrl and we will click on copper straight through so that we can connect all these devices click and maybe in press control then click on this copper straight through cable now click on r1 and we will select a gigabit the third are 0 / 0 / 1 and connect to s1 and here the port is FA 0 / 5 and again from s 1 FA 0 / 1 to s 2 FA 0 / 1 now we will connect these pcs from s 1 FA 0 / 6 to this PC - a from s to F a0 / 18 to this PC - B now we can press escape so that we can release these connections okay you will see what is next now in step 2 configure basic settings for the rotor console into the rotor and enable privilege at x ik mode then enter configuration mode Arsene a device name to the rotor ok we will do that we will click on r1 you'll go to CLI and here we will give no enable sorry configure a terminal we will set the hostname as r1 next is a disable DNS a lookup to prevent the rotor from attempting to translate incorrectly into it commands as through there were house names okay we can do that here we will give no IP domain lookup in presenter next is a same class as the privilege to X again cryptid password that means we have to enable secret as class we can do that enable sacred as class next is our scene Cisco as the console password and enable Logan also we have to give this the same password Cisco as the btv password and enable Logan we will do that coming to r1 first of all we will go to line console 0 then we will Lissette the password as cisco then we will login now we will exit and then we will go to line vty we will give for all the lines that means from 0 to 15 total 16 lines we will Lissette the password as cisco then login then encrypt plaintext passwords yes we have the command we will exit from this line mode and here we will give a service password encryption then create a banner that wants anyone accessing the device that unauthorized access is prohibited okay we will create this banner it's a banner M our theory that is message of the day we will start with the delimiter then we will give the message and otherwise to access is a strictly prohibited so destination file name we will give this a default name that is not AB - config just press ENTER then set the clock on the rotor okay we can do that use the question mark to help you with the correct sequence of parameters needed to execute this command we will do that we will give a clock then a set then we have to set this current at time using this format it's 10 minutes we will give a 30 then seconds ok then we have to give the day of the month it's 13 then we have to give a month of the year it's May then we have to give it a or it's 20 20 % her coming to step 3 configure basic settings for each switch concerning to the switch and enable probability x ik mode then enter our configuration mode then I've seen a device name to the switch ok we will do that on both switches first of all we will go to s1 CLI then press Enter enable configure terminal we can give in short conf space T then the hostname as s1 [Music] now we will go to s - CL I enable we can give short as en comes T then the hostname as yes - then a disabled DNS lookup to prevent the order from attempting to translate incorrectly entered commands as though there were host names okay we can do that sure we have to give the command no IP domain lookup now we will go to s1 and we will do it no IP domain lookup then a same class of the privileged exec encrypted password we can do that you're on s1 we will give enable secret as class will close and then we will go through s to enable secret as class then I seen Cisco as the console password and enable a login also we have to give us his course the vty password and enable a login we will do that coming - yes - we will go to line console 0 we will let's set the password at Cisco sorry it's a password of Cisco now it's correct then we will give the login command exit then go to line vty all the lines from 0 to 15 we will let set the password of Cisco then we will give login command then coming to yes one line console 0 password Cisco Logan exit then we will go to line vty all the 16 lines from 0 to 15 password Cisco then login next is include plaintext passwords we can do that now we are in s1 we will exit from this line mode and here we will give a service password encryption we can give PA SS then we can press tab and here we can see password - encryption then press Enter now we will go to yes - you will exit from this line mode then give ser tab then password PA SS tab press enter then create a banner that once anyone accessing the device that unauthorized access is prohibited okay we will do that we will go to s 1 and set banner motd we will give an authorized access is strictly prohibited just I will copy this command I mean this message then here press ENTER now we will go to s - its banner M or GD then the message it's here we already copied that then set the clock on both switches use the question mark to help with the correct sequence of parameters needed to execute this command okay we can do that first of all we will do it on s1 we will exit from this mode and here we will give it's a clock set then we have to set the current time in this format it's a 10 minutes it's 48 then seconds then we have to give the day of the month it's 13 then the month it's May then the Euro 2020 now we will do s to CLI we will exit from this mod then here we can give a clock set in the calendar time 10:48 will give 49 then seconds then a day of the month it's 13 month is May your is 2020 then copy the running configuration to the startup configuration on both switches coming to s 1 here we will give that we can give in short it's copy running our space HD then press enter so destination file name the default the file name startup - config ok just presenter no we will go to s - and see our py our space HD presenter now in step 4 configure PC host refer to that dressing-table for pc how to address information so coming to aura addressing table here we can see pc - a IP address just i will copy this address then coming to pc - a desktop IP configuration here we will give that IP address then here we can see it's a certain to mask then we have to set it's a default gateway it's a 3.10 default to gate to me we can see the IP address for PC - be just we will copy that address it's a 4.3 and here we can see it's a little mask and it's a default gateway coming to a PC - B desktop IP configuration your subnet mask then default to Gateway 4.1 now we will move to part 2 creative VLANs and have seen as switch ports in part 2 we will create VLANs as specified in the table above on both switches we will then assign the VLANs to the appropriate interface the chauvelin command is used to verify your configuration settings then complete the following tasks on each switch so in step 1 we have to create VLANs on both switches so firstly create and name the record of VLANs on each a switch from the table above so coming to aura VLAN table here we can see we have to create these VLANs will end 3 4 7 8 with these names you will create in s1 click on s1 Co enough space T we will create a VLAN 3 then we have to give the name as a management next is V then for name is operations next e civilians 7 name is parking lot next is VLAN 8 name is energy now we will go to s to CLI configure a terminal VLAN 3 name is management next is billion for name is operations next is villain 7 name is parking lot next is villain 8 name is native then configure the management interface and default gateway on each switch using the IP address information in the addressing table ok coming to our addressing table here we can see the address for the device s1 and s2 and here we can see we have to assign these IP address for the interface VLAN 3 and to be created VLAN 3 for management then we can see it's a set to mask and it's a default a gateway first of all we will a copy this IP address I mean the IP address of a device s1 one ninety two dot one sixty eight dot 3.11 then coming to s1 CLI we will exit from this VLAN mode then we will go to the interface VLAN 3 then live Allah set the IP address it's zero then it's assert to mask now we will exit and then we will a set its IP default gateway it's a 3.1 now we will go to s 2 CL I we will exit from this villain mode then we will go to the interface VLAN 3 then they will have set its IP address it's a 3.2 then it's something to mask exit then we will a set IP default gateway it's a 3.1 then as seen all unused to ports on both switches to the parking lot VLAN configure them for static access mode and administratively deactivate them they given a node the interface or range command is helpful to accomplish it is a task of witness few commands as necessary okay we can do that coming to our topology here we can see on s1 we used FA 0 / 1 FA 0 / 5 + fa 0 / 6 we will shut down all the airports except these 3 ports also we have to assign these ports to parking-lot VLAN and then we have to configure a static access mode so we will do that we will click on s1 so we'll go to all those interfaces interface and say range its FA 0 / 1 we already used so we'll shut from 2:00 till EF 4 because 5 and the 6 we used then we will give coma if a 0 / 7 till 24 also we have a two gigabit ethernet ports G 0 / 1 and it - ok here we will give a support mode as access then such a port access VLAN it sightings 7 will verify that parking lot here we can see it 7 ok no we will shut down all these ports shut down same way we have to do it on s 2 will go to s 2 CL I then interface a cell range F a user from 0 / - before that coming to a topology here we can see we used the FS 0 / 1 + FS 0 / 18 then we will shut up on all the ports except these two ok back to yes to FA 0 / 2 till 17 because 18 used then again FA 0 / 19 to 24 also we have a two gigabit ethernet ports G 0 / 1 - 2 ok somewhere we made a mistake we will see that we have to put a comma here then press Enter no it's correct we will give a switch port mode as access then a switch port access a VLAN 7 then shut down now in step 2 has seen we lens to the character switch interfaces asain are used to pour stew with appropriate to VLAN as specified in the wheel and table a bow and configure them for a static access mode be sure to do this on both switches coming to this villain table here we can see in this switch port FS 0 / 6 should be a saint - VLAN 3 then a switch S 2 port FS 0 / 18 should be a saint - VLAN for yep we can do that so we will go to s 1 then exit from this range of interfaces then we will go to the interface fastethernet I think it's a 0 / 6 correct FA s 0 / 6 then we will give a support mod us access then we will give us a chip access you to give to VLAN three presenter now we will go to yes to fix it from these interfaces then go to interface FAS euro / 18 switcher port modest access support access wheel and it's for the sender then issue the show we then brief command and verify that the VLANs are saying to the collect interfaces ok we'll go to yes one will press control is it then press enter here we will give a show VLAN brief and here we can see the details you will expand it so that we can see fully ok here we can see what FA 0 / 6 is a saint - VLAN 3 and here we can see all the unused ports are assigned to parking lot that is VLAN 7 and the here we can see these two ports that is FS 0 / 1 + FS 0 / 5 they are in default - VLAN 1 because we have to convert these ports to a trunk now we will go to s to CLI press ctrl is it and press Enter here we will give a show VLAN brief and here we will verify the configuration so we can see all unused ports are assigned to parking lot that is VLAN 7 and the port FA 0 / 18 is a saint - Vida and 4 and we have FA 0 / 1 which is in default - VLAN 1 because so we have to make this poor tha's trunking coming to part 3 configure a night not to dot1q trunk between the switches in part 3 we will manually configure interface FS euro / one as a trunk coming to step 1 manually configure a trunk interface FS 0 / 1 change the switch port on interface FS 0 / 1 to force trunking make sure to do this on both switches we will do that first of all we will go to s 1 then we have to go to that interface configurator minal interface FA 0 / 1 then we will give us which reporter mode as a trunk now we will go to yes - we have to manually give a trunk configure a terminal interface FA 0 / 1 support the more desert trunk then as a part of the trunk configuration so the native VLAN - 8 on both switches you may see error messages temporarily while the two interfaces are configured for a different native VLANs yes that's correct because both side we have to configure the same VLAN I mean the native VLAN so we will do that configuration first of all we will do it on s1 and you know we are in this FS 0 / 1 sure we will give a support trunk native VLAN 8 now we will go to s 2 and here we can see that message inconsistent local VLAN okay here also we will set that to be LAN native VLAN switch port o again we get that message mis-match discovered on fa 0 / 1 with s 1 FS 0 / 1 ok I'll be able to set H native VLAN that can be done in a suit support its trunk native VLAN sorry it's Avilan each no here we give the message and blocking faster third 0/1 on the severan what kind of consistency wrists hurt good then as another part of trunk configuration specified that to VLANs three four and eight are only allowed to cross the trunk okay that can be done here we will give a command do show you will give a I interface trunk and here we can verify VLANs allowed its hello one three four seven and eight but here as per the instruction we have to allow only three four and H we have to remove this one and seven okay we can do that you will give the command here switch port trunk and here we have allowed then we cannot remove I mean our a load of VLAN then we will give remove we will remove one first then we can remove seven press up arrow then give seven just we will verify that press control is it presenter sure interface trunk no here we can see her VLANs allowed and active in management domain only three four and eight and we can see native VLAN is eight it stared us at ranking and here we can see the port is FA 0 / 1 mode is on the same way we will do it on yes one ok and here we will give its so chupo what trunk allowed to VLAN we can remove one also will remove seven first control is it then verified show interfaces trunk here we can see the port is FS 0/1 mode is own manually configured trunk status trunking native VLAN eight and here we can see B lands allowed and active in management domain three for an H then issue the show interfaces trunk command to verify tracking ports the native VLAN and allow the VLANs across the trunk yes we given this a show command on both switches and we verified all these now in step to manually configure s once trunk interface FAS 0/5 so configure the FS 0/5 on s1 with the same trunk parameters as fa 0 / 1 this is the trunk to the rotor so here we can see that interface FS 0 / 5 in this switch s1 we will do that coming to yes one CLI ok password Cisco enable password class configure terminal then here we will go to that interface that is FAS ro / 5 and we will give a switch port mode as access so its trunk yes then save the running configuration to the startup configuration file on s1 and s2 ok we will do it on s1 we will give the command end here press ENTER again and we will give copy running-config startup config so it's running - config space startup - config so here we can see destination file name startup config ok just press Enter same command we will give on s2 CLI password is cisco enable password is class here we can give in short COP space our space st then we can press Enter this is copy running-config startup config press ENTER again then issue the show interfaces trunk command to verify trunking why does F is 0/5 not appear in the list of trunks ok we will verify that we will click on s1 then we will give that command sure interface trunk and here we can see only one court that is FA 0 / 1 and we cannot see this port FA 0 / 5 why it is not showing this port FS 0 / 5 here because coming to our topology we can see this link is down that means the interface Gigabit Ethernet 0 / 0 / 1 in this router r1 is administratively down hence the here we have to bring this interface up so that we can see this interface FS 0 / 5 will be in a Chungking ok now we will go to Pat for configure inter VLAN routing on the rotor activated interface G 0 / 0 / 1 on the rotor right now we are going to activate this interface in this route or r1 coming to our one CLI password is Cisco enable password is class so configure terminal we have to go to that interface that is G 0 / 0 / 1 then we have to give no shutdown command then press enter now here we can see the link between disorder r1 and s1 is up now we can verify the trunk in this s1 we will give the command show interfaces trunk and here we can see the port FA 0 / 5 Modi's own and status Chungking then configure sub interfaces for each VLAN as specified in the IP addressing table old sub interfaces use 8 node to dot1q encapsulation ensure the sub interface for the native VLAN does not have an IP address a st. include a description for each sub interface ok we will create this a sub interfaces for the VLAN in this order r1 coming to Armin you will exit from this interface this is the physical interface then we will go to the interface gigabit 1/3 + 0 / 0 / 1 we will create for a 3 so we land 3 we will give 1.3 ok then we will give a description for this description we can press the tab so that it will complete the design completely unique command description we will give management network okay also to give a encapsulation dot1q and to VLAN ID it's four-wheel n3 also we have to set its IP address one ninety two dot one sixty eight dot a 3.2 one then we have to give it's a seven to mask now we will create the next sub interface we will exit from this interface then we will give an interface G 0 / 0 / 1 dot 4 and press ENTER and we will give you the description its operations network also we will give a encapsulation dot1q VLAN ID Sweden for and they will a set the IP address one ninety two dot one sixty eight dot 4 dot one then it's certain to mask now a no need to create a sub interface for the villians 7 because that is parking lot because all unused to ports we are saying to that VLAN 7 then we will create for a VLAN 8 except then go to the interface G 0 / 0 / 1 dot H okay then we will give its a description we will give the description as a net tu VLAN also we have to encapsulate dot1q VLAN IDs 8 and this is for native so protection mark and here we can see okay it's encapsulation native here we can see the command so we can complete it encapsulation dot1q Nate you then press enter as per the requirements for these sub interface we are not going to create an IP address okay I use the show IP interface brief command to verify the sub interfaces are operationally we will verify that here we will give the command end show IP interface brief and here we can see all these sub interfaces we created 1.3 sigh Piedras stares and protocol up dot for and dot H and 4.8 we did not assign any IP address and we can see it's Terrace and protocol up now coming to part 5 verify inter VLAN routing is working step 1 complete the following test from PC - a all should be successful you may have to disable the PC firewall for pings to be successful yes so if you are using the real systems we have to a disable of PCs firewall anyways your are we are using packet tracer so I wanted to worry about the firewall ping from PC - a - it's a default gateway ok we will do that we will ping from PC - 8 - it's a default gateway its default to gateways 192 dot 168 or 3.21 these pcs are saying to VLAN 3 even we can verify that it's a default to gateway address using IP config space slash all and here we can see its IP address details now here we can see default gateway address we will copy that then we will ping to this default gateway bring to this default to gateway and here we can see we get the replies then ping from PC - a to PC - B okay we will get the IEP at recipe C - B it's a 4.3 then coming to PC - a ping to PC - B and we are waiting for the replies because timed out and it's working we get the replies once more we can try to just press up arrow so we will get the previous command ping - PC - B then press ENTER and here we can see it's working we get the replies packet to send for a received for lost 0 then ping from PC - eh - yes - okay we will do that coming to PC - eh here we are going to ping to one ninety two dot one sixty eight dot 3.11 this is the IP address of switch s2 and we are awaiting yeah here we can see we get the replies one request timed out and then we get the replies you will try once more just press up arrow then press ENTER and here we can see we get the replies it's working actually here we ping from PC - eh - yes one even we will try to PC - eh - yes - also here we can see its IP address ooh that is one nine two one six eight 3.12 okay you'll press up arrow and we will change this address to 3.12 you get the replies it's working now we will go to step two complete the following test from PC - B from the command prompt on PC that B issue the tracer command - the address of PC - a what intermediate IP addresses are shown in the results okay we will check that we will get the IP address or PC - a IP configuration we will copy this address we'll go to PC - B command prompt here we will give a try cert - PC - a and here we can see the details 1 9 2 1 6 8 4.1 then we can see 1 9 - 1 6 8 3.3 and here can see the intermediate address that is one ninety two dot one sixty eight dot 4.1 this is a defaulter gateway for these a PC - B also we will ping from PC - B - other devices you will give a ping looping to PC - a and here we can see we get the replies now we will try to ping to the switches it's a 3.11 and we are waiting for the replies maybe one request timed out yes here we can see it's working once more we'll press up arrow and again we will try it and here we can see we get the replies now we will try to ping to 3.12 from PC - B - switch s2 we may get one or two or equals two timed out due to convergence and here we can see we get two replies once more you try it and here we can see we get the replies how care right that's all in this a lab activity that is configure or outer honestok inter VLAN routing now dear friends if you have any doubt any suggestions or regarding this lab activity please come in below also if we liked your video give a thump and share with all your friends and if you like to contact our team we can visit our website stay tuned and we will meet again with the next video thank you
Info
Channel: Tech Acad
Views: 15,444
Rating: undefined out of 5
Keywords: CISCO Certification, CISCO, CCNA, VLAN
Id: fTdhrqnjqmo
Channel Id: undefined
Length: 48min 24sec (2904 seconds)
Published: Sat May 16 2020
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.