It is time to set up the core network. Nothing new here really, a bit of HSRP and a few niceties (like disabling timeout on the console). The switches need to be given a hostname (obviously), and then we have some basics to do on all of them, and then the HSRP, which will be on SW1 and SW2.
On all switches we create the VLANs, turn off the time out on the console, and set the inter-switch ports to be dot1q trunks:
vlan 4 name Management vlan 7 name DMZ vlan 9 name Phones vlan 20 name Users-1 vlan 21 name Users-2 vlan 55 name Failover vlan 99 name Data-Phone exit line con 0 exec-t 0 0 exit int ra gi0/1 - 3 swi tru enc dot swi mo tru no shu exitThe next part is to set up the VLAN interfaces and HSRP. I have decided to use .254 as the final octet for the HSRP IPs, as it means I can use the switch numbers (.1 and .2) on the respective switches.
Vlan interfaces and HSRP
int vlan 4 ip address 10.1.4.1 255.255.255.0 standby 4 ip 10.1.4.254 standby 4 pri 90 standby 4 pre del min 60 no sh int vlan 7 ip address 10.1.7.1 255.255.255.0 standby 7 ip 10.1.7.254 standby 7 pri 110 standby 7 pre del min 60 no sh int vlan 9 ip address 10.1.9.1 255.255.255.0 standby 9 ip 10.1.9.254 standby 9 pri 90 standby 9 pre del min 60 no sh int vlan 20 ip address 10.1.20.1 255.255.255.0 standby 20 ip 10.1.20.254 standby 20 pri 110 standby 20 pre del min 60 no sh int vlan 21 ip address 10.1.21.1 255.255.255.0 standby 21 ip 10.1.21.254 standby 21 pri 90 standby 21 pre del min 60 no sh int vlan 55 ip address 10.1.55.1 255.255.255.0 standby 55 ip 10.1.55.254 standby 55 pri 110 standby 55 pre del min 60 no sh int vlan 99 ip address 10.1.99.1 255.255.255.0 standby 99 ip 10.1.99.254 standby 99 pri 90 standby 99 pre del min 60 no sh
int vlan 4 ip address 10.1.4.2 255.255.255.0 standby 4 ip 10.1.4.254 standby 4 pri 110 standby 4 pre del min 60 no sh int vlan 7 ip address 10.1.7.2 255.255.255.0 standby 7 ip 10.1.7.254 standby 7 pri 90 standby 7 pre del min 60 no sh int vlan 9 ip address 10.1.9.2 255.255.255.0 standby 9 ip 10.1.9.254 standby 9 pri 110 standby 9 pre del min 60 no sh int vlan 20 ip address 10.1.20.2 255.255.255.0 standby 20 ip 10.1.20.254 standby 20 pri 90 standby 20 pre del min 60 no sh int vlan 21 ip address 10.1.21.2 255.255.255.0 standby 21 ip 10.1.21.254 standby 21 pri 110 standby 21 pre del min 60 no sh int vlan 55 ip address 10.1.55.2 255.255.255.0 standby 55 ip 10.1.55.254 standby 55 pri 90 standby 55 pre del min 60 no sh int vlan 99 ip address 10.1.99.2 255.255.255.0 standby 99 ip 10.1.99.254 standby 99 pri 110 standby 99 pre del min 60 no sh
Confirmation:
SW1#sh standby bri
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl4 4 90 P Standby 10.1.4.2 local 10.1.4.254
Vl7 7 110 P Active local 10.1.7.2 10.1.7.254
Vl9 9 90 P Standby 10.1.9.2 local 10.1.9.254
Vl20 20 110 P Active local 10.1.20.2 10.1.20.254
Vl21 21 90 P Standby 10.1.21.2 local 10.1.21.254
Vl55 55 110 P Active local 10.1.55.2 10.1.55.254
Vl99 99 90 P Standby 10.1.99.2 local 10.1.99.254
SW1#
SW2#sh standby bri
P indicates configured to preempt.
|
Interface Grp Pri P State Active Standby Virtual IP
Vl4 4 110 P Active local 10.1.4.1 10.1.4.254
Vl7 7 90 P Standby 10.1.7.1 local 10.1.7.254
Vl9 9 110 P Active local 10.1.9.1 10.1.9.254
Vl20 20 90 P Standby 10.1.20.1 local 10.1.20.254
Vl21 21 110 P Active local 10.1.21.1 10.1.21.254
Vl55 55 90 P Standby 10.1.55.1 local 10.1.55.254
Vl99 99 110 P Active local 10.1.99.1 10.1.99.254
SW2#
Looks good now. We have an internal network and can start playing with the really cool toys, like the ISE and WSA, but not before we setup the firewalls for HA and NATI am waiting on my (newish) 3750X to be delivered today, its the PoE version, so it'll handle the phone and the Wifi parts of the lab.