Lab 4‐1: Small Enterprise Class Lab - AidanP017/Aidan-NET-330 GitHub Wiki

Purpose

For this lab, we grouped up and configured a small enterprise using our workstations and physical equipment. Our group configured Clinic and Admin users in the Yonder group in order to ping the two for establishing connections.

Consoling Into Switch

Using PuTTY, we could console into the Catalyst switch by performing a series of steps.

  1. Plug the serial console cable (light blue) into the USB port on the workstation.
  2. Open the Device Manager on the workstation to see what COM port is being used. {BB98E756-A235-400C-9FA8-628F481940F0}
  3. Connect the cable to the console port on the switch.
  4. Power on the switch.
  5. Open PuTTY on the workstation.
  6. In the Configuration tab, navigate to Connection > Serial and enter the following information:
  • Serial line to connect to is the COM port that was found in step 2.
  • Bits per sec (Speed) should be set to 9600.
  • Data bits should be set to 8.
  • Parity should be set to None.
  • Stop bits should be set to 1.
  • Flow control should be set to None (XON/XOFF).
  • Example Display:

{31FC813C-7FA5-4C3C-A926-D18DFC7AC51E}

  1. Navigate to Session > Serial and change the COM port to the one found in step 2.
  • Example Display:

{98F511FD-3527-4E7E-93E7-1AE74BB98FDD}

  1. Click Open and you should now have access to the switch configuration.

Multi-Layer Switch Configuration

First, we configured the multi-layer switch after connecting it physically. We started by setting the hostname by typing hostname Yonder-MLS.

Then we enabled routing to be configured on the switch: ip routing

Next, we set up the VLANs 400 and 410 for the Clinic and Admin users, respectively.

int vlan 400 --> name clinic

int vlan 410 --> name admin

Then we set up the IP addresses to be used for each VLAN.

int vlan 400 --> ip address 192.168.40.1 255.255.255.0

int vlan 410 --> ip address 192.168.41.1 255.255.255.0

After this, we configured the trunk ports and defined how the packets are tagged.

int ga4/0/45 --> switchport mode trunk --> switchport trunk encapsulation dot1q

int ga4/0/47 --> switchport mode trunk --> switchport trunk encapsulation dot1q

Finally, we saved the configurations to finish setting up the multi-layer switch: copy run start

image

North Edge Switch Configuration (Clinic)

Next, we configured the north edge switch that would be associated with the Clinic PC. Similar to the multi-layer switch, we first set the hostname for the switch by typing hostname yonder-clinic-sw.

Then we configured the VLANs and specified their proper names.

vlan 400 --> name clinic

vlan 410 --> name admin

We had to assign ports on the physical switch to be used as trunk and access ports. We chose to configure port 19 as the trunk port.

int gi1/0/19 --> switchport mode trunk --> switchport trunk encapsulation dot1q

{C2889ED5-E6BE-40DF-AE38-FDE3D2BE91EE}

Then we configured port 1 as the access port.

int gi2/0/1 --> switchport access vlan 400

{B4570BED-22F3-46C4-BDAB-05EC45065407}

South Edge Switch Configuration (Admin)

After this, we configured the south edge switch that would be associated with the Admin PC by first setting the hostname: hostname yonder-admin-sw

Then configured the VLANs again.

vlan 400 --> name clinic

vlan 410 --> name admin

The same port was defined for the trunk port, but the access port was configured a little differently using GigabitEthernet2/0/2 instead of GigabitEthernet2/0/1.

int gi1/0/19 --> switchport mode trunk --> switchport trunk encapsulation dot1q

int gi2/0/2 --> switchport access vlan 410

With these configurations established and saved, we used our Foster workstations booted to Kali as PCs and connected them to the appropriate switches, setting the proper IP and subnet mask information.

In our case, we used an IP address of 192.168.40.1/24 for the Clinic PC and an IP address of 192.168.41.1/24 for the Admin PC.

Connection Testing

To test connectivity, we pinged between the Clinic and Admin PCs on the North and South switches, respectively.

Clinic to Admin Ping:

{F1670CBF-01EE-46D3-A85C-AF026D7F1C49}

Admin to Clinic Ping:

{70EA1A46-D1D8-44E5-A76E-FA77809D2892}

Cisco Configuration Tips

We also learned some useful commands for performing Cisco configurations.

  • By default, Cisco does not save configuration changes which means they will be lost during a reboot if not saved properly. But current configurations can be saved by using one of two commands:
    • copy running-configuration startup-configuration
    • copy run start
  • Using the commands show run or do show run in configuration mode will show the entire Cisco configuration.
  • Configuration settings and lines can be deleted by adding a no in front of the line and retyping it.

Troubleshooting

One issue that we encountered was that the Clinic and Admin PCs were connecting to the router as opposed to the switches due to the trunk ports not being configured as such ports. After running the command switchport mode trunk, the setup worked correctly.