Free CCNA | VLANs (Part 2) | Day 17 Lab | CCNA 200-301 Complete Course

Welcome to Jeremy’s IT Lab. This is a free, complete course for the CCNA. If you like these videos, please subscribe
to follow along with the series. Also, please like and leave a comment, and
share the video to help spread this free series of videos. Thanks for your help. Also, remember to download this practice lab
from the link in the description and try it out yourself in packet tracer. If you want more labs like these, I highly
recommend picking up Boson’s NetSim for the CCNA, click the link in the video description
to check it out. It’s a network simulator like packet tracer,
but it’s even more powerful, less limited, than packet tracer, and it includes plenty
of pre-made labs with detailed instructions to help you practice and learn. I have collapsed all of the other sections
here, network fundametnals, IP connectivity, IP services, and security fundamentals, but
the labs that are relevant to what we’re studying now are here, in the network access
section.

Configuring VLANs, VLANs, deleting VLANs,
these two are about VTP, which will be covered in day 18’s lecture video, VLAN configuration,
trunking. Stick around to the end of the video for a
preview of a lab that is relevant to what we’re studying today. And once again, click the link in the description
to purchase a copy of NetSim for CCNA. I used NetSim for my CCNP, and NetSim alone
was more than enough labbing pratice for me to pass all of my exams on the first try. Let’s go back to packet tracer. In this lab, we will configure VLANs, specifically
VLAN trunking, as we covered in day 17’s lecture video. This is the same network topology used in
Day 17’s lecture video, only the IP addresses have been changed slightly.

So, let’s get started with step 1. Step 1 says to configure the switch interfaces
connected to PCs as access ports in the correct VLAN. I’ll go on SW1 first. Enter privileged exec mode with ENABLE, then global config mode with CONFIGURE TERMINAL. So, there are two PC’s in VLAN10, let’s
configure those first. INTERFACE RANGE F0/1 to 2. SWITCHPORT MODE ACCESS. SWITCHPORT ACCESS VLAN 10. And the switch creates VLAN10 for us. Okay, that’s all for these hosts. Next up, VLAN30. INTERFACE RANGE F0/3 to 4. SWITCHPORT MODE ACCESS. SWITCHPORT ACCESS VLAN 30. Once again, the switch creates the VLAN for us. Okay, that’s all for SW1 for now. Next let’s go on to SW2. Enter privileged exec mode with ENABLE. Then global config mode with CONF T (CONFIGURE
TERMINAL). I’ll configure VLAN20 first. INTERFACE F0/1. SWITCHPORT MODE ACCESS. SWITCHPORT ACCESS VLAN 20. Next, VLAN10. INTERFACE RANGE F0/2 to 3.

SWITCHPORT MODE ACCESS. SWITCHPORT ACCESS VLAN 10. Okay, step 1 is complete. Step 2 is to configure the connection between
SW1 and SW2 as a trunk, and allow only the necessary VLANs. We should configure an unused VLAN as the
native VLAN, and also make sure all necessary VLANs exist on each switch. I’ll return to SW1 now. Okay, let’s configure the interface. INTERFACE G0/1. If you remember from the lecture video, in
some switches we have to use the SWITCHPORT TRUNK ENCAPSULATION DOT1Q command before configuring the interface as a trunk. Let’s see if we have to do that here. SWITCHPORT TRUNK, then use the question mark. As you can see, there is no option for ENCAPSULATION. This isn’t a case of packet tracer not supporting
the command, but rather it’s because this switch itself only supports DOT1Q encapsulation. As I mentioned in the lecture video, modern
switches often don’t support Cisco's ISL, since the industry standard DOT1Q is used almost
exclusively.

So, we can go straight to the next command. SWITCHPORT MODE TRUNK. Now, let’s allow VLANs 10 and 30. SWITCHPORT TRUNK ALLOWED VLAN 10,30. Why don’t I need to allow VLAN20 on this
trunk? I already explained this in the lecture video,
but it’s because no hosts in VLAN20 are connected to this switch. If PC5, in VLAN20, wants to reach any hosts
here, its traffic will be sent to the router first, which will send it back to SW2 in VLAN10
or VLAN30, which will then send it over to SW1. Watch the lecture video again if you want
a more detailed explanation. Okay, finally let’s set the native VLAN
to an unused VLAN. SWITCHPORT TRUNK NATIVE VLAN 1001. You can use anything here, just use an unused VLAN. Now, do all of the necessary VLANs exist on
this switch? Let’s check. DO SHOW VLAN BRIEF. We have VLANs 10 and 30, looks good. We don’t need to create any more VLANs. Okay, now let’s go to SW2. Interface G0/1. The configurations will be the same as on
SW1. SWITCHPORT MODE TRUNK. SWITCHPORT TRUNK ALLOWED VLAN 10,30. Again, VLAN20 doesn’t need to be allowed,
there are no VLAN20 hosts connected to SW1, so SW2 doesn’t need to send VLAN20 traffic
along this trunk.

Okay, next set the native VLAN. SWITCHPORT TRUNK NATIVE VLAN 1001. Okay, that’s all for the configuration of
the trunk. Now, do all necessary VLANs exist on the switch? DO SHOW VLAN BRIEF. We have VLANs 10 and 20. Let’s do another show command. DO SHOW INTERFACES TRUNK. So, VLANs 10 and 30 are allowed on the trunk,
which is good, however look under here. Vlans allowed and active in management domain
displays only VLAN10.

That’s a problem, it means SW2 won’t actually
receive VLAN30 traffic on this trunk. That’s because VLAN30 doesn’t exist yet
on the switch. VLANs 10 and 20 were automatically created
when we configured access ports in those VLANs, but VLAN 30 wasn’t created. So, let’s make it. VLAN 30. exit. DO SHOW INTERFACES TRUNK. Okay, now you can see that it appears here. That’s all for step 2. Step 3 is to configure the connection between
SW2 and R1 using router on a stick.

Let’s quickly do the configuration here
on SW2 first, it will be mostly the same as the G0/1 trunk, except we must allow all three
VLANs. INTERFACE G0/2. SWITCHPORT MODE TRUNK. SWITCHPORT TRUNK ALLOWED VLAN 10,20,30. SWITCHPORT TRUNK NATIVE VLAN 1001. That’s all for the switch. Now let’s go on to R1. Enter privileged exec mode with ENABLE, then
CONF T to enter global config mode.

First, let’s enable the physical interface. INTERFACE G0/0. NO SHUTDOWN. As I have said many times before, Cisco router
interfaces are disabled by default. Now let’s configure the VLAN10 subinterface. INTERFACE G0/0 DOT 10. This subinterface number DOESNT have to match
the VLAN number, but you really should make them match. Okay, let’s set the VLAN number itself. ENCAPSULATION DOT1Q 10. Finally, the IP address, which should be the
last usable address of the subnet, according to the instructions.

IP ADDRESS 10.0.0.62 255.255.255.192. Okay, that’s it. I get the question sometimes, why does the
router address have to be the last usable address? Well, it doesn’t have to be, but you should
have a system you use. Either the first usable address or the last usable address as the
gateway address for the subnet, so there is consistency across the network. Don’t just use a random address for the
router, or it will be difficult to understand things in a large network. Okay, now let’s configure VLAN20’s subinterface. INTERFACE G0/0.20. ENCAPSULATION DOT1Q 20. Once again, set the last usable address as
the router’s address. IP ADDRESS 10.0.0.126 255.255.255.192. Okay, finally
is VLAN30's subinterface. INTERFACE G0/0.30. ENCAPSULATION DOT1Q 30. IP ADDRESS 10.0.0.190 255.255.255.192, which
is the last usable address of the VLAN30 subnet. So, that’s all of the configurations for
this lab. Next up is to test connectivity. If everything is configured correctly, each
PC should be able to ping any other PC. I’ll do some pings from PC7 to test. Let’s ping another PC in VLAN10, PC1. PING 10.0.0.1. Okay, no problems here. Let’s watch the ping in simulation mode.

Okay, send that ping again. PING 10.0.0.1. As you can see, because PC1 is in the same
VLAN, the same subnet, PC7 sends the frame directly to PC1, no need for inter-VLAN routing. Now let’s go back to realtime mode and try
to ping PC5, in VLAN 20. PING 10.0.0.65. Okay, the ping works. Let’s take a look in simulation mode. PING 10.0.0.65. Notice that the ping has
to travel to R1 first, before being sent back to SW2 and then to PC5, and the reply follows
the same path.

Okay, back to realtime mode, and finally we
will ping PC3, in VLAN20. PING 10.0.0.129. Okay, the ping works, and once again let’s take a look at it in simulation mode. PING 10.0.0.129. Once again, the ping must go to R1 first to
be routed, then goes to SW2 and SW1 before reaching PC3, and then it follows the same
path back. Okay, that’s all for this lab. Okay, let's move on to the Boson NetSim preview. I've selected one lab here, Inter-VLAN Routing
1. Click on the lab, and you get a little preview. And then click on 'load lab'. And here is the lab. There's the objective here. The lab topology. This is very much like the lab we just did. One router, two switches, and some PCs connected
to each switch. There is a command summary which shows you
all of the commands you need to know to complete the lab. And these are all commands you already know. ENCAPSULATION DOT1Q, to set the VLAN on a
router subinterface. Some SHOW commands. SHOW MAC-ADDRESS-TABLE. SHOW RUNNING-CONFIG. SHOW VLAN BRIEF. And SWITCHPORT commands, ACCESS VLAN, SWITCHPORT MODE. SWITCHPORT TRUNK ENCAPSULATION. And then next, the IP addresses on each device.

So, let's go to the lab tasks. There are three main tasks for this lab. Task 1, configure the switch and PC hosts. Task 2, configure subinterfaces. And task 3, complete and verify connectivity. And each of these tasks has multiple sub-tasks,
multiple steps. So, for this preview let's just do task 1. This involves configuring basic network connectivity
on Switch1, PC1 and PC2. So, in this lab PC1 and PC2 are connected
to the same switch, but the users belong to different departments within the company. So, your task is to assign the two PC hosts
to separate VLANs within the network. Okay, so step 1, verify the current IP configurations
on PC1 and PC2. Verify that they match the IP configurations
listed in the IP addresses table. So, this is the table. With PC1 and PC2's IP information. So, to check the configuration on each PC,
you first have to go into the CLI. You see, by default we are in Router1's CLI. To access the CLI of separate devices, here
under 'devices' click on PC1. Click on console. And let's open PC2, console. And also we will be using Switch1, so click
on console here. Okay. First let's go to PC1.

To check the IP configuration on a PC, use
this command. IPCONFIG /ALL. So, here is the IP address. 192.168.100.2. That is correct. The subnet mask is correct, this is a /25
prefix length. And the default gateway is .1, which is correct. And that happens to be the IP address of R1's
F0/0.10 subinterface. So PC1's okay. Let's check PC2. IPCONFIG /ALL. 192.168.100.130 is correct. Same, /25 subnet mask. The default gateway is .129, which is correct,
and this is the IP address on Router1's .12 subinterface.

Okay, so that's step 1. Step 2, configure Switch1 with the appropriate
hostname. Let's go to the CLI of Switch1. You can see it has the default hostname of
'Switch', so let's change that. ENABLE. CONF T. HOSTNAME Switch1. There we go, the hostname has changed to Switch1. Okay, each PC is a member of a different department
and belongs in a different VLAN. PC1 belongs to VLAN10 and PC2 belongs to VLAN12. Do VLANs 10 and 20 exist on SW1? So, you can check that with a command you
already know, DO SHOW VLAN BRIEF. You can see all ports are in, sorry about
that, in VLAN1 by default. And VLANs 10 and 12 do not exist. So, we can go on to step 4, which says if
the VLANs do not already exist, create VLAN10 and VLAN12. Let's do that. VLAN 10. And then, without exiting from here, we can
go straight to VLAN 12. EXIT. And then, hit the up arrow. There we go, DO SHOW VLAN BRIEF.

And you can see both VLANs were created, VLAN10
and VLAN12. Okay next up, step 5. There is no documentation present about your
network, so you must learn which ports PC1 and PC2 are connected to on Switch 1 before
adding each PC to the appropriate VLAN. How would you go about discovering which port
each PC is connected to? So, this might be a little bit of a challenge. I'm gonna exit out of here. And then I'll go back to the PCs, PC1. So, what you have to look for here is the
'Physical Address'.

Physical address, what is that? Well, it's the MAC address of this PC. So, take note of these last four digits, 3538. And now on Switch1, let's check the MAC address
table. SHOW MAC-ADDRESS-TABLE. Now, notice here it's MAC hyphen ADDRESS hyphen
TABLE. On some newer devices you'll probably find
it as SHOW MAC space ADDRESS hyphen TABLE, like this. Now, let's see if this switch supports the
command.

And, it does not. So, 'invalid input'. So, on this switch we will use the SHOW MAC
hyphen ADDRESS hyphen TABLE command. I think I mentioned that in one of my previous
videos, that you might find it with or without a hyphen. So, we were looking for 3538, and you can
see the switch has learned it on port FastEthernet0/3. So, PC1 is connected to FastEthernet0/3. How about PC2? Here is the physical address. Take note of the last four digits again, 6059. 6059, that is FastEthernet0/4. And, just to check let's look at the diagram
up here. Okay, so PC1 FastEthernet0/3, PC2 FastEthernet0/4,
so we were correct. Okay, so add the PCs to the correct VLANs. So, CONF T. PC1 is connected to FastEthernet0/3,
so INTERFACE F0/3. SWITCHPORT MODE ACCESS. SWITCHPORT ACCESS VLAN 10. Okay, now FastEthernet0/4. SWITCHPORT MODE ACCESS. SWITCHPORT ACCESS VLAN 12.

Okay, step 7, on Switch1 verify your configuration. I'll just get out of here. Back to privileged exec mode. And do SHOW VLAN BRIEF. Okay, in VLAN10 we have FastEthernet0/3, which
is connected to PC1, and in VLAN12 we have FastEthernet0/4, which is connected to PC2. So, our configurations are correct. Okay, next, issue a ping from PC1 to PC2. Why does the ping fail? So, we're expecting this to fail but let's
do the ping anyway. PING 192.168.100.130. So, these pings are gonna fail. I'll just wait for a few to go through. Okay, so why are these pings failing? So, these two PCs are in separate VLANs, so
they need something to do inter-VLAN routing for them. And that would be Router1. But we haven't configured any inter-VLAN routing
yet. So, for example on Switch1, let's see if we
even have a trunk interface configured here on FastEthernet0/1. SHOW INTERFACES TRUNK. No, we do not. You can see FastEthernet 2 is a trunk, connected
to Switch2. But FastEthernet0/1 is not a trunk. How about on R1, do we have any subinterfaces
configured? SHOW IP INTERFACE BRIEF.

No, no subinterfaces configured. So, router-on-a-stick, our inter-VLAN routing,
is not configured and that is why the pings failed. Okay, so there are two more tasks, configuring
subinterfaces, complete and verify connectivity. I'll let you guys do those on your own. And if you ever have any trouble, or want
to check your solution, down here are complete lab solutions. So, for task 1 you can see the IPCONFIG /ALL
command we used, configuring the hostname, this is SHOW VLAN, I used SHOW VLAN BRIEF,
but SHOW VLAN is okay also. Configuring the VLANs, and everything we just
did, looking at the physical address, the MAC address. Okay, so once you're done the lab, click here,
'grade lab'. Now, we're not finished, so it's gonna tell
us that we did not complete the lab, we didn't do it correctly, but that's okay. There you go, 'you missed one or more commands
in the lab.' So, you can see here on Switch2, PC1, 2, 3,
4, their configurations are fine. That's because we didn't have to do any configurations
on these.

But we're missing configurations on Router
1 and Switch1. So, these commands in red are commands that
we missed. So we were gonna set the host name on Router1,
configure subinterfaces. How about on Switch1? Oh yeah, configuring FastEthernet0/1 as a
trunk. Okay, so that's all for today's NetSim preview. If you want to get a copy of NetSim and try
this lab and many others on your own, follow the link in the description. Thank you for watching. Please subscribe to the channel, like the
video, leave a comment, and share the video with anyone else studying for the CCNA. If you
want to leave a tip, check the links in the description. I'm also a Brave verified publisher and accept
BAT, or Basic Attention Token, tips via the Brave browser. That's all for now..

You May Also Like