How to Configure VLANs on Cisco Switch Step By Step

VLANs are used to segment a large physical LAN into multiple small virtual LANs for better management and greater security. VLANs provide a number advantages and features. In this post, we will explain the key features provides by VLANs and how to configure VLANs on cisco switches. Some of the key features provided by VLANs are:

  • VLANs allow you to add, move, and change networks with ease by just configuring a port into the appropriate VLAN.
  • VLANs allow you to create a logical group of users by function.
  • VLANs are typically independent to the users’ physical or geographic locations.
  • VLANs enhance network security.
  • VLANs increase the number of broadcast domains.

Each VLAN is identified by a unique identification number called VLAN ID. The range of VLAN ID can vary from 1-1005. VLAN 1 is the default VLAN (native VLAN) that is used for the administrative purpose.

Cisco manageable switches allow you to configure VLANs as per your network requirements. There are two methods that can be used to configure VLANs.

  1. Static VLAN: In this method, an administrator needs to configure and update VLAN database manually each time. This method is preferred for a small network.
  2. Dynamic VLAN: VLANs database can be configured and updated with the help of a protocol called VTP (VLAN Trunking Protocol) automatically or with the least user interaction. This method is preferred for the large networks.

To configure VLANs on a Cisco switch, use the vlan global configuration command. In addition, one can also use the vlan database command in the privileged mode.

In this exercise, we will configure VLANs on Switch1 and Switch2. The following table lists the details of topology that we will use.VLAN Configuration IP Addresses Details

We will use the following topology to demonstrate how to configure VLANs.VLAN Configuration in Cisco Packet Tracer

Once you have created the preceding topology, configure the appropriate IP addresses on each PCs. Before configuring VLANs, let’s have a look at the command syntaxes used to configure VLANs.

Switch(config)#vlan <vlan number>
Switch(config-vlan)#vlan <name of vlan>

Once you created the desired VLANs, next, you need to assign the interfaces to the desired VLANs. To do so, the following commands are used in the interface configuration mode.

Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan <VLAN ID>

Configure VLANs Step By Step

  1. Execute the following commands on Switch1 to configure a VLAN named Sales with the VLAN ID as 10.
Switch1(config)#vlan 10
Switch1(config-vlan)#name Sales
  1. Execute the following commands on Switch1 to configure a VLAN named Account with the VLAN ID as 20, as shown in the following figure.
    Switch1(config)#vlan 20
    Switch1(config-vlan)#name Account

    Configure VLANs on Switch1

  2. Once you have configured the desired VLANs, execute the following commands to assign the Fa0/1 interface to Sales VLAN and Fa0/2 interface to Account VLAN.
    Switch1(config)#interface fa0/1
    Switch1(config-if)#switchport mode access
    Switch1(config-if)#switchport access vlan 10
    Switch1(config)#interface fa0/2
    Switch1(config-if)#switchport mode access
    Switch1(config-if)#switchport access vlan 20
  3. Once you have assigned the appropriate interfaces to the appropriate VLANs, verify the VLAN configuration by executing the following command, as shown in the following figure.
    Switch1#show vlan brief

    Verify VLAN configuration

  4. After configuring VLANs on Switch1, next, configure the same VLANs (Sales and Account) and assigned the same interfaces (Fa0/1 and fa0/2) to the respective VLANs. If you have any issue, refer the above-mentioned table.
    Switch(config)#hostname Switch2
    Switch2(config)#vlan 10
    Switch2(config-vlan)#name Sales
    Switch2(config)#vlan 20
    Switch2(config-vlan)#name Account
    Switch2(config)#interface fa0/1
    Switch2(config-if)#switchport mode access
    Switch2(config-if)#switchport access vlan 10
    Switch2(config)#interface fa0/2
    Switch2(config-if)#switchport access vlan 20
    Switch2#show vlan brief
  5. Now, you have done the VLAN configurations on both the switches. To verify your VLAN configuration, open Command Prompt on PC0 and type the following command:
  1. You should not be able to ping even both the PCs are in the same network. The reason is that PC0 (IP, interface Fa0/1) and PC1 (IP, interface Fa0/2) belong to different VLAN IDs.

    Verifying VLAN Configuration using the ping utility

  2. You should not be able to ping because we still have not configured VLAN trunking (covered in the next section) between both the switches.

Hope you it helped you. We would love to hear you and your valuable suggestions. In the next post, we will explain how to configure VLAN Trunking Protocol (VTP).

What’s Next?

Posted in Cisco, Switching Tagged with: , ,