Академический Документы
Профессиональный Документы
Культура Документы
Lab Manual
(642-813)
Table of Contents
Topics Page#
Virtual Local Area Network (Vlan) 5
Trunk 7
Virtual Trunking Protocol (Vtp) 9
Rapid Spanning Tree Protocol (Rstp) 12
Per Vlan Spanning Tree (Pvst) 14
Port Security 17
Inter Vlan Routing 20
Ether Channel (L2+L3) 25
Multiple Spanning Tree Protocol (Mstp) 27
Hot Standby Routing Protocol (Hsrp) 43
Virtual Router Redundancy Protocol (Vrrp) 49
Gateway Load Balancing Protocol (Glbp) 52
Bpdu Guard 56
Root Guard 57
Dhcp Snooping 61
Vlan Access List (Vacl) 64
Published By
All rights reserved. No part of this manual may be reproduced or transmitted in any form
or by any means, electronic or mechanical, including photocopying, recording and
information storage or retrieval system without written permission from the publisher,
except for the inclusion of quotation in a review.
Authors
Reviewed By
CTTC_HR>enable
CTTC_HR#vlan database
CTTC_HR(vlan)#vlan 10 name HR
CTTC_HR(vlan)#exit
CTTC_HR#show vlan
CTTC_HR(config)#int fa0/3
CTTC_HR(config-if)#switchport mode access
CTTC_HR(config-if)#switchport access vlan 10
CTTC_HR(config-if)#exit
Switch(config)#hostname CTTC_MKT
CTTC_SALES>enable
CTTC_SALES#show vtp status
Note:
If the switch is Root Bridge, it will display the message This bridge is the root.
Root ID Address and Bridge ID Address will be same in case of Root Bridge.
Default priority is 32768. VLAN ID (System Extension ID) is added to the default
10
Enabling RSTP:
CTTC_SALES (config)#spanning-tree mode rapid-pvst
Note: The above command will be issued on all the switches of the network.
Verify RSTP:
CTTC_SALES #show spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID Priority 32769
Address 0002.16EE.8B7E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0002.16EE.8B7E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
To change the root bridge, you can also use the following command:
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 32778
Address 00E0.B0C4.4B83
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
12
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 24586
Address 00E0.B0C4.4B83
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
13
CTTC_FINANCE>enable
CTTC_FINANCE#configure terminal
CTTC_FINANCE(config-vlan)#vlan 20
CTTC_FINANCE(config-vlan)#exit
CTTC_FINANCE(config)#int fa0/3
CTTC_FINANCE(config-if)#switchport mode access
CTTC_FINANCE(config-if)#switchport access vlan 20
CTTC_FINANCE(config-if)#exit
CTTC_FINANCE(config)#spanning-tree vlan 20 priority 4096
CTTC_FINANCE(config)#do show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000D.BD04.5D93
Cost 19
Port 2(FastEthernet0/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 32788
Address 0060.2F37.4B21
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
14
CTTC(config)#interface fa0/1
CTTC(config-if)#switchport mode access
CTTC(config-if)#switchport port-security
CTTC(config-if)#switchport port-security mac-address sticky
CTTC(config-if)#switchport port-security maximum 1
CTTC(config-if)#switchport port-security violation shutdown
CTTC(config-if)#exit
CTTC(config)#interface fa0/2
CTTC(config-if)#switchport mode access
CTTC(config-if)#switchport port-security
CTTC(config-if)#switchport port-security mac-address sticky
CTTC(config-if)#switchport port-security maximum 1
CTTC(config-if)#switchport port-security violation shutdown
15
16
When a new PC is attached to the port on which port-security is enabled then Switch
will take an action which is set in the violation mode.
Fa0/2 1 1 1 Shutdown
17
CONFIGURATION OF CTTC_HR 1:
CTTC_HR#conf t
Enter configuration commands, one per line. End with CNTL/Z.
CTTC_HR(config)#vlan 10,20
CTTC_HR(config-vlan)#exit
CTTC_HR(config)#int vlan 1
CTTC_HR(config-if)#ip address 11.0.0.1 255.0.0.0
CTTC_HR(config-if)#no shut
CTTC_HR(config-if)#int vlan 10
CTTC_HR(config-if)#ip address 10.0.0.100 255.0.0.0
CTTC_HR(config-if)#no shut
CTTC_HR(config-if)#int vlan 20
CTTC_HR(config-if)#ip address 20.0.0.100 255.0.0.0
CTTC_HR(config-if)#no shut
CTTC_HR(config-if)#exit
CTTC_HR(config)#ip routing
CTTC_HR(config)#do show ip route
18
19
Configuring CTTC_SALES
CTTC_SALES(config)#vlan 10
CTTC_SALES(config-vlan)#name HR
CTTC_SALES(config-vlan)#vlan 20
CTTC_SALES(config-vlan)#name Sales
CTTC_SALES(config-vlan)#exit
CTTC_SALES(config)#interface fa0/1
CTTC_SALES(config-if)#switchport mode access
CTTC_SALES(config-if)#switchport access vlan 10
CTTC_SALES(config-if)#exit
CTTC_SALES(config)#interface fa0/2
CTTC_SALES(config-if)#switchport mode access
CTTC_SALES(config-if)#switchport access vlan 20
CTTC_SALES(config-if)#exit
CTTC_SALES(config)#interface fa0/3
CTTC_SALES(config-if)#switchport mode trunk
20
21
Configuration on sw1
Configuration on sw2
CTTC_SALES(config-if-range)#exit
CTTC_SALES(config)#int range fa0/1 - 2
CTTC_SALES(config-if-range)#no switchport
CTTC_SALES(config-if-range)#channel-group 1 mode desirable
CTTC_SALES(config)#do show ether summary
23
\
Configuration on CTTC_SALES
CTTC_SALES(config)#int range fa0/1-2
CTTC_SALES(config-if-range)#switchport
CTTC_SALES(config-if-range)#channel-group 1 mode active
CTTC_SALES(config-if-range)#exit
CTTC_SALES(config)#int port-channel 1
CTTC_SALES(config-if)#switchport trunk encapsulation dot1q
Configuration on CTTC_MKT
CTTC_MKT(config)#int range fa0/1-2
CTTC_MKT(config-if-range)#switchport
CTTC_MKT(config-if-range)#channel-group 1 mode passive
CTTC_MKT(config-if)#switchport trunk encapsulation dot1q
CTTC_MKT(config-if-range)#exit
CTTC_MKT(config-if)#do show ether summary
CONFIGURATION ON CTTC_MKT
CTTC_MKT>
CTTC_MKT>enable
CTTC_MKT#conf terminal
CTTC_MKT(config)#vlan 10,20,30,40,50,60,70,80
CTTC_MKT#show vlan
25
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
26
VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
27
VLAN0050
Spanning tree enabled protocol ieee
Root ID Priority 32818
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
28
VLAN0070
Spanning tree enabled protocol ieee
Root ID Priority 32838
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
29
VLAN0090
Spanning tree enabled protocol ieee
Root ID Priority 32858
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
30
VLAN0110
Spanning tree enabled protocol ieee
Root ID Priority 32878
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
31
ENABLING MST
CTTC_MKT#configure t
Enter configuration commands, one per line. End with CNTL/Z.
CTTC_MKT(config)#spanning-tree mode mst
CTTC_MKT(config)#do show spanning-tree
MST0
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
32
CTTC_MKT(config-mst)#show pending
CTTC_MKT(config-mst)#exit
CTTC_MKT(config)#do show spanning-treen mst conf
Name [cisco]
Revision 1 Instances configured 3
33
MST0
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
MST1
Spanning tree enabled protocol mstp
Root ID Priority 32769
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
34
CONFIGURATION ON CTTC_SALES
CTTC_SALES(config)#vlan 10 ,20,30,40,50,60,70,80,90,100,110,120
CTTC_SALES(config-vlan)#exit
CTTC_SALES(config)# do show vlan
35
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 000b.be53.a400
Cost 19
Port 4 (FastEthernet0/4)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
36
VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 32788
Address 000b.be53.a400
Cost 19
Port 4 (FastEthernet0/4)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
OUTPUT CONTINUE.
37
MST0
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 000b.be53.a400
Cost 200000
Port 4 (FastEthernet0/4)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
38
MST1
39
Name [cisco]
Revision 1 Instances configured 3
Instance Vlans mapped
-------- ---------------------------------------------------------------------
0 1-9,51-59,121-4094
1 10-50
2 60-120
40
CONFIGURATION ON CTTC_WAN:
CTTC_WAN>
CTTC_WAN>enable
CTTC_WAN#configure t
CTTC_WAN(config)#int f0/1
CTTC_WAN(config-if)#ip address 12.0.0.1 255.0.0.0
CTTC_WAN(config-if)#no shutdown
CTTC_WAN(config-if)#exit
CTTC_WAN(config)#int f0/0
CTTC_WAN(config-if)#ip address 11.0.0.1 255.0.0.0
CTTC_WAN(config-if)#no shutdown
CTTC_WAN(config-if)#exit
41
FastEthernet0/1 - Group 1
State is Standby
7 state changes, last state change 00:00:12
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
CTTC_SALES(config-if)#int fa0/1
CTTC_SALES(config-if)#standby 1 priority 110
CTTC_SALES(config-if)#do sh standby
FastEthernet0/1 - Group 1
State is Active
8 state changes, last state change 00:00:06
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.920 secs
Preemption enabled
Active switch is local
Standby switch is unknown
Priority 110 (configured 110)
IP redundancy name is "hsrp-Fa0/1-1" (default)
42
FastEthernet0/1 - Group 1
State is Active
8 state changes, last state change 00:00:54
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 1 sec, hold time 4 sec
Next hello sent in 0.788 secs
Preemption enabled
Active switch is local
Standby switch is 10.0.0.2, priority 100 (expires in 3.796 sec)
Priority 110 (configured 110)
IP redundancy name is "hsrp-Fa0/1-1" (default)
FastEthernet0/1 - Group 1
State is Init (interface down)
9 state changes, last state change 00:00:19
Virtual IP address is 10.0.0.100
Active virtual MAC address is unknown
Local virtual MAC address is 0000.0c07.ac01 (v1 default)
Hello time 1 sec, hold time 4 sec
Preemption enabled
Active switch is unknown
Standby switch is unknown
Priority 100 (default 100)
Track interface FastEthernet0/0 state Up decrement 20
IP redundancy name is "hsrp-Fa0/1-1" (default)
43
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:00:00
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.096 secs
Preemption disabled
Active switch is local
Standby switch is unknown
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0-1" (default)
44
FastEthernet0/0 - Group 1
State is Standby
4 state changes, last state change 00:01:22
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.448 secs
Preemption enabled
Active switch is 10.0.0.1, priority 100 (expires in 9.716 sec)
Standby switch is local
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0-1" (default)
CTTC_MKT(config-if)#do show standby
FastEthernet0/0 - Group 1
State is Standby
4 state changes, last state change 00:01:34
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.868 secs
Preemption enabled
Active switch is 10.0.0.1, priority 100 (expires in 7.852 sec)
Standby switch is local
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0-1" (default)
45
FastEthernet0/0 - Group 1
State is Standby
7 state changes, last state change 00:00:43
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (default)
Hello time 1 sec, hold time 4 sec
Next hello sent in 0.864 secs
Preemption enabled
Active switch is 10.0.0.1, priority 110 (expires in 3.856 sec)
Standby switch is local
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0-1" (default)
FastEthernet0/0 - Group 1
State is Active
8 state changes, last state change 00:00:12
Virtual IP address is 10.0.0.100
Active virtual MAC address is 0000.0c07.ac01
Local virtual MAC address is 0000.0c07.ac01 (default)
Hello time 1 sec, hold time 4 sec
Next hello sent in 0.724 secs
Preemption enabled
Active switch is local
Standby switch is unknown
Priority 100 (default 100)
IP redundancy name is "hsrp-Fa0/0-1" (default)
46
CONFIGURATION ON CTTC_WAN:
CTTC_WAN>
CTTC_WAN>enable
CTTC_WAN#configure t
CTTC_WAN(config)#int f0/1
CTTC_WAN(config-if)#ip address 12.0.0.1 255.0.0.0
CTTC_WAN(config-if)#no shutdown
CTTC_WAN(config-if)#exit
CTTC_WAN(config)#int f0/0
CTTC_WAN(config-if)#ip address 11.0.0.1 255.0.0.0
CTTC_WAN(config-if)#no shutdown
CTTC_WAN(config-if)#exit
47
FastEthernet0/0 - Group 1
State is Backup
Virtual IP address is 10.0.0.100
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Master SWITCH is 10.0.0.2, priority is 100
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 sec (expires in 2.849 sec)
FastEthernet0/0 - Group 1
State is Master
Virtual IP address is 10.0.0.100
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 140
Master SWITCH is 10.0.0.1 (local), priority is 140
Master Advertisement interval is 1.000 sec
Master Down interval is 3.453 sec
48
FastEthernet0/1 - Group 1
State is Master
Virtual IP address is 10.0.0.100
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Master SWITCH is 10.0.0.2 (local), priority is 100
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 sec
CTTC_MKT(config-if)#vrrp 1 preempt
FastEthernet0/1 - Group 1
State is Backup
Virtual IP address is 10.0.0.100
Virtual MAC address is 0000.5e00.0101
Advertisement interval is 1.000 sec
Preemption enabled
Priority is 100
Master SWITCH is 10.0.0.1, priority is 140
Master Advertisement interval is 1.000 sec
Master Down interval is 3.609 sec (expires in 3.317 sec)
49
CONFIGURATION ON CTTC_WAN
CTTC_WAN>enable
CTTC_WAN#configure t
CTTC_WAN(config)#int f0/1
CTTC_WAN(config-if)#ip address 12.0.0.1 255.0.0.0
CTTC_WAN(config-if)#no shutdown
CTTC_WAN(config-if)#exit
CTTC_WAN(config)#int f0/0
CTTC_WAN(config-if)#ip address 11.0.0.1 255.0.0.0
CTTC_WAN(config-if)#no shutdown
CTTC_WAN(config-if)#exit
50
CTTC_SALES#configure terminal
CTTC_SALES(config)#int fa0/0
CTTC_SALES(config-if)#ip address 11.0.0.2 255.0.0.0
CTTC_SALES(config-if)#no shutdown
CTTC_SALES(config-if)#exit
CTTC_SALES(config)#int fa 0/1
CTTC_SALES(config-if)#ip address 10.0.0.1 255.0.0.0
CTTC_SALES(config-if)#no shutdown
CTTC_SALES(config-if)#exit
CTTC_SALES(config)#int fa0/1
CTTC_SALES(config-if)#glbp 1 ip 10.0.0.100
51
FastEthernet0/1 - Group 1
State is Init (interface down)
Virtual IP address is 10.0.0.100
Hello time 3 sec, hold time 10 sec
Redirect time 600 sec, forwarder time-out 14400 sec
Preemption disabled
Active is unknown
Standby is unknown
Priority 100 (default)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
0007.0e3d.79c5 (10.0.0.1) local
There are no forwarders
CTTC_SALES(config-if)#do sh glbp
FastEthernet0/1 - Group 1
State is Speak
Virtual IP address is 10.0.0.100
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.168 secs
Redirect time 600 sec, forwarder time-out 14400 sec
Preemption disabled
Active is 10.0.0.2, priority 100 (expires in 9.776 sec)
Standby is unknown
Priority 100 (default)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
0007.0e3d.79c5 (10.0.0.1) local
0008.a379.d660 (10.0.0.2)
There are 2 forwarders (0 active)
Forwarder 1
State is Listen
MAC address is 0007.b400.0101 (learnt)
Owner ID is 0008.a379.d660
Time to live: 14399.776 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 10.0.0.2 (primary), weighting 100 (expires in 9.776 sec)
Forwarder 2
State is Listen
MAC address is 0007.b400.0102 (default)
Owner ID is 0007.0e3d.79c5
Preemption enabled, min delay 30 sec (18 secs remaining)
Active is 10.0.0.2 (secondary), weighting 100 (expires in 7.348 sec)
CTTC_SALES(config-if)#glbp 1 preempt
52
CTTC_MKT#configure terminal
CTTC_MKT(config)#int s0/1
CTTC_MKT(config-if)#ip address 12.0.0.2 255.0.0.0
CTTC_MKT(config-if)#no shut
CTTC_MKT(config-if)#int fa0/0
CTTC_MKT(config-if)#ip address 10.0.0.2 255.0.0.0
CTTC_MKT(config-if)#no shut
CTTC_MKT(config-if)#glbp 1 ip 10.0.0.100
CTTC_MKT(config-if)#do show glbp
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:00:52
Virtual IP address is 10.0.0.100
Hello time 3 sec, hold time 10 sec
Next hello sent in 1.588 secs
Redirect time 600 sec, forwarder time-out 14400 sec
Preemption disabled
Active is local
Standby is unknown
Priority 100 (default)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
There are 2 forwarders (1 active)
Forwarder 1
State is Active
1 state change, last state change 00:00:42
MAC address is 0007.b400.0101 (default)
Owner ID is 0008.a379.d660
Redirection enabled
Preemption enabled, min delay 30 sec
Active is local, weighting 100
Forwarder 2
State is Disabled
MAC address is 0007.b400.0102 (learnt)
Owner ID is 0007.0e3d.79c5
Redirection enabled, 598.924 sec remaining (maximum 600 sec)
Time to live: 14398.924 sec (maximum 14400 sec)
Preemption enabled, min delay 30 sec
Active is 10.0.0.1 (primary), weighting 100 (expires in 8.924 sec)
53
CONFIGURATION ON CTTC_HR
CTTC_HR(config)interface fa0/20
CTTC_HR(config-if)#spanning-tree bpduguard enable
54
CTTC_SALES(config)interface fa0/20
CTTC_SALES(config-if)#spanning-tree bpduguard enable
55
CONFIGURATION ON CTTC_HR
CTTC_HR>enable
CTTC_HR#configure terminal
CTTC_HR(config)#spanning-tree vlan 1 priority 12288
CTTC_HR(config)#do show spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 8193
Address 000f.2468.0500
Cost 19
Port 6 (FastEthernet0/6)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
56
Configuration on CTTC_SALES
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 8193
Address 000f.2468.0500
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
CTTC_SALES(config-if)#int fa0/16
CTTC_SALES(config-if)#spanning-tree guard root
57
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 8193
Address 000f.2468.0500
Cost 19
Port 19 (FastEthernet0/19)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 1
Address 000b.be53.a400
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
58
CONFIGURATION ON CTTC_HR
CTTC_HR>enable
CTTC_HR#conf igure terminal
CTTC_HR(config)#ipdhcp pool cttc_pool
CTTC_HR(dhcp-config)#network 192.168.1.0 255.255.255.0
CTTC_HR(dhcp-config)#default-router 192.168.1.1
CTTC_HR(dhcp-config)#exit
CTTC_HR(config)#ipdhcp excluded-address 192.168.1.1 192.168.1.5
CTTC_HR(config)#int fa0/0
CTTC_HR(config-if)#ip address 192.168.1.1 255.255.255.0
CTTC_HR(config-if)#no shut
CTTC_HR(config-if)#exit
59
CONFIGURATION ON CTTC_SALES
60
61
OBJECTI VE: To Show How VlAN Access List Works By Blocking the
Communication between Two Clients of the Same VLAN
Configuration on CTTC_HR
CTTC_HR>enable
CTTC_HR#conf igure terminal
CTTC_HR(config)#access-list 100 permit ip host 10.0.0.5 host 10.0.0.12
CTTC_HR(config)#vlan access-map block
CTTC_HR(config)#vlan access-map block 10
CTTC_HR(config-access-map)#match ip address 100
CTTC_HR(config-access-map)#action drop
CTTC_HR(config-access-map)#vlan access-map block 20
CTTC_HR(config-access-map)#action forward
CTTC_HR(config-access-map)#exit
CTTC_HR(config)#vlan filter block vlan-list 1
CTTC_HR(config)#exit
62