CCNA LAB 64: Changing the Native VLAN and Shutting Down Unused Ports

小乔

Lab Objective:
The objective of this lab exercise is for you to learn and understand how to change the native VLAN to one other than VLAN1 and how to shut down unused switchports in order to prevent unauthorized access.

Lab Purpose:
Securing the switch involves knowing how to change the native VLAN as well as shutting down unused ports in case somebody plugs a device into one to try to gain network access.

Certification Level:
This lab is suitable for both ICND2 and CCNA certification exam preparation.

Lab Difficulty:
This lab has a difficulty rating of 4/10.

Readiness Assessment:
When you are ready for your certification exam, you should complete this lab in no more than 5 minutes.

Lab Topology:
Please use the following topology to complete this lab exercise:




Task 1:
Set any interface to trunk and then specify VLAN20 as the native VLAN for the trunk link.

Task 2:
Shut down ports FastEthernet 10 to 15, inclusive.

Task 3:
Issue the relevant show commands to prove your configurations.

Configuration and Verification
Task 1:
Sw1#show int fast0/5 switchport
Name: Fa0/5
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none

Sw1#conf t
Sw1(config)#vlan20
Sw1(config-vlan)#name SUPPORT
Enter configuration commands, one per line.  End with CTRL/Z.
Sw1(config)#int fast0/5
Sw1(config-if)#switchport mode trunk
Sw1(config-if)#switchport trunk native vlan20
Task 2:
Sw1#conf t
Enter configuration commands, one per line.  End with CTRL/Z.
Sw1(config)#interface range f0/10 - f0/15
Sw1(config-if-range)#shutdown
The interface range command will not work on older switch models (sorry). Some models want you to have a space between the ranges and some don’t, so test it for yourself with the ?.

Task 3:
Sw1#show int fast0/5 switchport
Name: Fa0/5
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 20 (SUPPORT)


来源: CCNA LAB 59: Configuring IOS Device Logging to a SYSLOG Server
来源: CCNA LAB 60: Performing an IOS Upgrade
来源: CCNA LAB  61: Performing an IOS Upgrade Using FTP
来源: CCNA LAB 62: Performing Password Recovery
来源: CCNA LAB 63: Configuring Extended VLANs on Cisco Catalyst Switches

yang11

thamky

呀小亮

感谢楼主的分享