• 12 hours
  • Medium
License

Free online content available in this course.

course.header.alt.is_video

course.header.alt.is_certifying

Got it!

Last updated on 6/30/22

Finalize the VLAN Parameters

Check All of the VLAN Information

Once a VLAN is configured, the VLAN configurations can be validated using Cisco IOS show commands. The command show vlan displays a list of all configured VLANs:

Exec-Sales> show vlan 
VLAN Name                   Status         Ports 
---- --------------------- ---------   ------------------------------- 
1     default                active     Fa0/7, Fa0/8, Fa0/9, 
Fa0/10 
                                        Fa0/11, Fa0/12, Fa0/13, Fa0/14
                                        Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                        Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                        Fa0/23, Fa0/24, Gig0/2 
20   Executive               active          Fa0/1, Fa0/2 
21   Sales                   active          Fa0/4, Fa0/5
40   Printing                active              Fa0/3, Fa0/6 
50   Telephony               active              Fa0/1, Fa0/2, Fa0/4,
Fa0/5 
100  Administration          active    
1002  fddi-default           active    
1003  token-ring-default     active    
1004  fddinet-default        active    
1005  trnet-default          active

VLAN    Type SAID    MTU Parent     RingNo     BridgeNo   Stp 
BrdgMode Trans1 Trans2 
---- ----- ------ ----- ------ ------ -------- ---- -------- ------ ------ 
1     enet 100001 1500 -  -  -  -  -    0  0 
20    enet 100020 1500 -  -  -    -  -  0  0 
21    enet 100021  1500 -  -  -    -  - 0  0 
40    enet 100040  1500 -  -  -    -  - 0  0 
50    enet 100050  1500 -  -  -    -  - 0  0 
100   enet 100100  1500 -  -  -    -  - 0  0 
1002  fddi 101002  1500 -  -  -    -  - 0  0   
1003  tr   101003  1500 - -  -    -  -  0  0   
1004  fdnet  101004  1500 -  -  -    ieee - 0   0   
1005  trnet101005  1500 -  -  -      ibm  -  0   0   

VLAN Type  SAID   MTU   Parent RingNo BridgeNo Stp  BrdgMode 
Trans1 Trans2 
---- ----- ------ ----- ------ ------ -------- ---- -------- ------ ------ 
Remote SPAN VLANs 
------------------------------------------------------------------------------ 
Primary Secondary Type      Ports 
------- --------- ----------------- ------------------------------------------ 
Exec-Sales>

We may prefer to use the show vlan brief command, which just displays a summary of the VLANs assigned to the interfaces. It will only display the first few lines of the previous command.

We can also display details of the VLANs by showing details of the interfaces, using the show interfaces command:

Exec-Sales> show interfaces fa0/1 switchport 
Name: Fa0/1 
Switchport: Enabled 
Administrative Mode: static access 
Operational Mode: static access 
Administrative Trunking Encapsulation: dot1q 
Operational Trunking Encapsulation: native 
Negotiation of Trunking: Off 
Access Mode VLAN: 20 (Executive) 
Trunking Native Mode VLAN: 1 (default) 
Voice VLAN: 50 
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none 
Administrative private-vlan trunk native VLAN: none 
Administrative private-vlan trunk encapsulation: dot1q 
Administrative private-vlan trunk normal VLANs: none 
Administrative private-vlan trunk private VLANs: none 
Operational private-vlan: none 
Trunking VLANs Enabled: All 
Pruning VLANs Enabled: 2-1001 
Capture Mode Disabled 
Capture VLANs Allowed: ALL 
Protected: false 
Unknown unicast blocked: disabled 
Unknown multicast blocked: disabled 
Appliance trust: none 

Exec-Sales>

Change VLAN Assignment

There are several ways of changing which ports the VLANs are assigned to. If the switch access port has been wrongly assigned to a VLAN, you just need to re-enter the interface configuration command switchport access vlan vlan-id using the correct VLAN ID.

To change a VLAN port assignment, use the command no switchport access vlan.

Delete the VLAN

The command no vlan vlan-id is used to delete a VLAN from the vlan.dat file. This is the file that contains the list of VLANs that have been created.

The whole vlan.dat file can be deleted using the command delete flash:vlan.dat in privileged EXEC mode. The short version of the command (delete vlan.dat) can be used if the vlan.dat file hasn’t been moved from its default location.

After running this command and rebooting the switch, any previously configured VLANs will no longer exist. This command restores factory settings to the switch in terms of VLAN configurations.

Create a VLAN Trunk

Now that you’ve configured and checked the VLANs, it's time to configure and check the VLAN trunks.

To enable the trunk link for the Exec-Sales switch, configure the connecting port using the set of interface configuration commands provided in this table:

Task

IOS command

Enter global configuration mode

Exec-Sales# configure terminal

Enter interface configuration mode

Exec-Sales(config)# interface g0/1

Change the port to be in permanent trunking mode

Exec-Sales(config-if)# switchport mode trunk

Choose a native VLAN other than VLAN 1

Exec-Sales(config-if)# switchport trunk native vlan 100

Provide the list of VLANs that are authorized to use the trunk link

Exec-Sales(config-if)# switchport trunk allowed vlan 20,21,40,50,100

Go back to privileged EXEC mode

Exec-Sales(config-vlan)# end

Here’s a little video to go through this with you:

You’ll need to do the same on the trunk link for the HR-Acc, Ops-Mktg and IT switches, but I’ll leave you to do that yourself. 

To check that the trunk link is properly configured, use the command show interfaces that we used before, but this time on the interface where the trunk is configured:

Exec-Sales # show interfaces g0/1 switchport 
Name: Gig0/1 
Switchport: Enabled 
Administrative Mode: trunk 
Operational Mode: trunk 
Administrative Trunking Encapsulation: dot1q 
Operational Trunking Encapsulation: dot1q 
Negotiation of Trunking: On 
Access Mode VLAN: 1 (default) 
Trunking Native Mode VLAN: 100 (Administration)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Administrative private-vlan trunk native VLAN: none 
Administrative private-vlan trunk encapsulation: dot1q 
Administrative private-vlan trunk normal VLANs: none 
Administrative private-vlan trunk private VLANs: none 
Operational private-vlan: none 
Trunking VLANs Enabled: 20-21,40,100 
Pruning VLANs Enabled: 2-1001 
Capture Mode Disabled 
Capture VLANs Allowed: ALL 
Protected: false 
Unknown unicast blocked: disabled 
Unknown multicast blocked: disabled 
Appliance trust: none 

Exec-Sales#

To restore the trunk port to its default settings, use the commands no switchport allowed vlan and no switchport trunk native vlan to delete any authorized VLANs and reset the native VLAN on the trunk.

When it restores to its default settings, the trunk will authorize all VLANs and will use VLAN 1 as the native VLAN.

Let's Recap!

In this chapter, you’ve seen that:

  • the show vlan brief and show interfaces interface_name switchport commands display VLAN information.

  • the no vlan command is used to change the VLAN assignment by reconfiguring the VLAN, and also to delete it.

  • a trunk link allows you to link several switches together, allowing VLANs to pass through.

  • the switchport mode trunk and switchport native vlan vlan_number commands are used to configure a trunk link on a Cisco Catalyst switch.

Now you know how to configure VLANs on a layer 2 switch, you're going to level up in the next chapter and configure a layer 3 switch: the core switch for your network!

Example of certificate of achievement
Example of certificate of achievement