Configure the PCs to use DHCP.Ĭurrently, the PCs are configured to use static IP addresses. The pool name is BX_VLAN# where X is the router number and # is the VLAN number. Exclude the first 24 IP addresses in each pool for the wireless LANs. Exclude the first 10 IP addresses in each pool for the LANs. On the Branch routers, configure DHCP pools for each VLAN using the following requirements: Hello Time 2 sec Max Age 20 sec Forward Delay 15 secīridge ID Priority 4097 (priority 4096 sys-id-ext 1) Configure BX-S3 as the backup root bridge.Set the priority level to 8192 on BX-S3 so that these switches are always the backup root bridge for all VLANs.ī2-S3(config)#spanning-tree vlan 1-1001 priority 8192 Step 3. Set the priority level to 4096 on BX-S1 so that these switches are always the root bridge for all VLANs.ī3-S1(config)#spanning-tree vlan 1-1001 priority 4096 Step 2. The appropriate commands to verify that access VLANs are correctlyĪssigned and that the port security policy has been enabled.
Verify VLAN assignments and port security. ! by default is only 1 MAC, but anyway we will enter this commandī3-S2(config-if-range)#switchport port-security maximum 1ī3-S2(config-if-range)#switchport port-security mac-address sticky Step 3.
Configure the first learned MAC address to "stick" to the configuration - Set the port to shut down if there is a security violationī3-S2(config)#int range fastEthernet 0/6 - fa 0/24ī3-S2(config-if-range)#switchport port-security Use the following policy to establish port security on the BX-S2 access ports:
Use the VLAN Configuration and Port Mappings table to complete the following requirements:Ĭonfigure Access ports (on ALL B X-S2 Switches)ī3-S2(config-if)#switchport access vlan 10ī3-S2(config-if)#switchport access vlan 20ī3-S2(config-if)#switchport access vlan 30 Configure Wireless Port in Accessī3-S3(config-if)#switchport access vlan 88 Step 2.
Task 8: Assign VLANs and Configure Port Security