# Switch Configuration Lab ## Basic Switch Configuration After connecting to a switch through the console port, follow these steps to perform initial configuration. Step 1: Enter enable mode by typing enable at the switch prompt. Step 2: Enter global configuration mode by typing configure terminal. Step 3: Set the hostname by typing hostname followed by the desired name. Step 4: Set the enable password by typing enable secret followed by the password. Step 5: Configure a management IP address on VLAN 1 interface using the ip address command. Step 6: Set the default gateway so the switch can be managed from other networks. Step 7: Enable the management interface with the no shutdown command. Step 8: Configure console and VTY line passwords for access control. Step 9: Save the configuration using copy running-config startup-config. ## VLAN Configuration Step 1: Create VLANs by entering vlan followed by the VLAN number in global configuration mode. Step 2: Name each VLAN using the name command within the VLAN configuration. Step 3: Assign switch ports to VLANs by entering the interface configuration mode. Step 4: Set the port mode to access using switchport mode access command. Step 5: Assign the port to a VLAN using switchport access vlan followed by the VLAN number. Step 6: Verify VLAN assignments using show vlan brief command. ## Trunk Port Configuration Step 1: Enter the interface configuration mode for the port that connects to another switch or router. Step 2: Set the port mode to trunk using switchport mode trunk command. Step 3: Specify which VLANs are allowed on the trunk using switchport trunk allowed vlan command. Step 4: Verify trunk configuration using show interfaces trunk command. ## Port Security Configuration Port security limits the number of MAC addresses allowed on a switch port and prevents unauthorized devices from connecting. Step 1: Enter access port interface configuration. Step 2: Enable port security using switchport port-security command. Step 3: Set the maximum number of MAC addresses allowed. Step 4: Configure the violation action as shutdown, restrict, or protect. Step 5: Optionally configure specific allowed MAC addresses. Step 6: Verify port security using show port-security interface command. ## Spanning Tree Verification Step 1: Use show spanning-tree to view the spanning tree topology. Step 2: Identify the root bridge, which is the switch with the lowest bridge ID. Step 3: Identify root ports and designated ports on each switch. Step 4: Verify there are no ports in blocking state that should be forwarding. Step 5: Configure the spanning tree priority if you want to designate a specific switch as root.