## On Boot Press **Enter** to begin If greeted with a prompt asking about *Initial Configuration Dialogue*, type `n` and hit enter. - If you decide to make use of Initial Configuration, refer to [Cisco Docs](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fundamentals/configuration/15mt/fundamentals-15-mt-book/cf-setup.html) You should be greeted with a prompt that has a `>` character at the end, indicating you are in user EXEC mode. This is limited and not used for configuration. Enable privileged EXEC mode to get access to all commands and configurations: ``` enable ``` Shorthand: `ena` Enter configuration mode, configuring from the terminal (also possible to configure from memory or the network): ``` configure terminal ``` Shorthand: `conf t` ## Create/edit a vlan [docs](https://community.cisco.com/t5/networking-knowledge-base/how-to-configure-vlans-on-the-catalyst-switches/ta-p/3131780)<br> From configuration mode: ``` vlan [vlan-id] ``` where `[vlan-id]` is the vlan number you want to generate, this will put you into config-vlan mode ## Assign a vlan a name From `config-vlan` mode: ``` name [ascii name] ``` where `[ascii name]` is the name you want to assign (EG: `Accounting`) ## Assign interfaces to a vlan [docs](https://community.cisco.com/t5/networking-knowledge-base/how-to-configure-vlans-on-the-catalyst-switches/ta-p/3131780)<br> Enter interface config mode (from conf mode): Single port: ``` interface [interface-to-configure] ``` shorthand: `int [interface-to-configure]` Range [docs](https://www.cisco.com/c/en/us/td/docs/ios/interface/configuration/guide/ir_ifrange.html): ``` interface range fa0/st - nd ``` where `fa` is the speed, `st` the starting port, and `nd` the end port From `config-if` mode: Enter port mode configuration: ``` switchport mode access ``` Link the interface(s) to a vlan: ``` switchport access vlan [vlan-id] ``` interfaces are referenced in the format of `sp0/nm` where speed and port number are specified (eg: fa0) ## Configuring trunk ports From the `config` mode, select an interface to configure as trunk mode: ``` interface [interface-id (sp0/nm syntaax)] ``` shorthand: `int fa0/nm` Set the mode of the selected interface to trunk mode: ``` switchport mode trunk ``` Type `end` or `exit` to leave `config-if` mode ## Limiting trunk traffic to a specific vlan From `config` mode: ``` interface [interface-id] ``` shorthand: `int fa0/24` Change trunk config: ``` switchport trunk allow vlan [vlan-id] ``` ## Force vlans to be online: From `configure` mode: ``` vlan [vlan-id] ``` - [ ] ``` no shutdown ``` # Access list management Access lists are created implicitly when you apply the first configuration. More docs for access list management can be found at <https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/xe-3s/sec-data-acl-xe-3s-book/sec-create-ip-apply.html.xml>. ### Permitting a particular network for a numbered access list From the privileged exec terminal: ``` access-list [access-list-num] permit [network] [wildcard-mask] ``` `permit` can be substituted with `deny` to instead explictly deny a network. An example of a valid network could be ``, and a wildcard mask for a `/24` would be ``. Unless explictly stated, an access list will deny all other traffic. You can explicitly allow traffic by default for a numbered access list with `access-list [access-list-num] permit any`. ### Denying traffic from a particular address for a numbered access list From the privileged exec terminal: ``` access-list [access-list-num] deny [address] ``` ### Applying a numbered access list to a particular interface From `config-if` mode: ``` ip access-group [access-list-number] ``` # Viewing configs ### Vlan config From the privileged exec terminal: ``` show vlan ``` ### See what IP address is assigned to a vlan From privileged exec mode: ``` show run int vlan [vlan-id] ``` See what mode an interface is in: ``` show int [interface] switchport ``` ### interface trunk config From privileged exec: ``` show interface trunk ``` ## Helpful Resources Trying to figure out where in the command hierarchy you are? - https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_46_se/command/reference/cr1/intro.pdf Wondering more about the Cisco IOS CLI? - https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_46_se/command/reference/cr1/intro.pdf Wish you knew more about a command? - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fundamentals/configuration/xe-16-5/fundamentals-xe-16-5-book/cf-cli-basics.html#:~:text=Filtering%20CLI%20Output-,Getting%20Context%2DSensitive%20Help,-Entering%20a%20question