VLANs
How to Configure VLANs on Cisco Switches
VLANs are virtual LANs that allow you to segment your network into logical groups of devices that share common characteristics or requirements. VLANs can improve network performance, security, and manageability by reducing broadcast domains, isolating traffic, and enforcing policies.
To configure VLANs on Cisco switches, you must perform two main tasks: create the VLANs in the VLAN database and assign switch ports to the VLANs. You can use either the command-line interface (CLI) or a web-based interface to perform these tasks.
Creating VLANs
To create a VLAN in the CLI, you must enter into global configuration mode and use the VLAN command followed by a number from 1 to 4094. For example, to create VLAN 10, you would type:
Switch(config)# vlan 10
Using the name command, you can optionally assign a name to the VLAN. For example, to name VLAN 10 as Sales, you would type:
Switch(config-vlan)# name Sales
To verify that you successfully created the VLAN, you can use the show VLAN brief command. For example:
Switch# show vlan brief
VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3 10 Sales active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup
Assigning Switch Ports to VLANs
To assign a switch port to a VLAN in access mode (meaning it can only belong to one VLAN), you need to enter into interface configuration mode and use the switchport mode access command followed by the switchport access vlan command with the number of the desired VLAN. For example, to assign FastEthernet 0/1 port to VLAN 10, you would type:
Switch(config)# interface FastEthernet 0/1 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 10
Some versions of Cisco switches automatically create the VLAN in the VLAN database when you assign an access port to a VLAN. For example:
Switch(config)# interface FastEthernet 0/2 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 20
To verify that you have assigned the port correctly, you can use either show interfaces status or show interfaces switchport commands. For example:
Port Name Status Vlan Duplex Speed Type Fa0/1 connected 10 auto auto Fa0/2 connected 20 auto auto Fa0/3 connected trunk auto auto Fa0/4 notconnect trunk auto auto
Switch# show interfaces FastEthernet 0/1 switchport
Name: Fa0/1 Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 10 (Sales)