Upload files to "1 Switch/(2) Switch"

1 Switch/(2) Switch/Switch Configuration.md

@@ -0,0 +1,315 @@
+Starting with a blank 48 port Cisco switch you need to connect with a serial connection using the Mini USB connecter on the front of the switch. From here you can open Moba Xterm and begin configuration. 
+
+
+```cisco
+enable
+```
+
+```cisco
+configure terminal
+```
+
+```cisco
+hostname 2ndPlt
+```
+
+```cisco
+ip routing
+```
+
+### VLAN Configuration
+To configure the VLANs that will be used within your network. A good baseline to start with is: 
+- VLAN 3
+	- Description: Domain
+	- ip address 10.2.1.1 255.255.255.0
+- VLAN 5
+	- Description: VCSA Management
+	- ip address 10.2.5.1 255.255.255.0
+- VLAN 10
+	- Description: ESXi Management
+	- ip address 10.2.10.1 255.255.255.0
+- VLAN 11
+	- Description: ESXi vMotion
+	- ip address 10.2.11.1 255.255.255.0
+- VLAN 12
+	- Description: ESXi Provisioning 
+	- ip address 10.2.12.1 255.255.255.0
+- VLAN 20
+	- Description: Tools DMZ
+	- ip address 10.2.20.1 255.255.255.0
+- VLAN 25
+	- Description: Tool Web Interface
+	- ip address 10.2.25.1 255.255.255.0
+- VLAN 30
+	- Description: Workstations
+	- ip address 10.2.30.1 255.255.255.0
+- VLAN 40
+	- Description: Test VLAN
+	- ip address 10.2.40.1 255.255.255.0
+- VLAN 666
+	- Description: Trunk
+	- ip address 10.2.100.1 255.255.255.0
+- Configuring the VLANs 
+	```cisco
+	enable
+	```
+	
+	```cisco
+	conf t
+	```
+	
+	```cisco
+	interface vlan (VLAN ID)
+	```
+
+	```cisco
+	ip address (ip address) (subnet mask)
+	```
+
+	```cisco
+	description ***(VLAN Description)***
+	```
+
+- Complete for each VLAN
+	```cisco
+	exit
+	```
+
+	```cisco
+	do show run
+	```
+	- check configuration
+	```cisco
+	do write memory
+	```
+
+- Enabling the VLANs
+	- For each VLAN made you need to Enable them to start functioning. You will need to choose a random interface that is not in use. 
+		
+		```cisco
+		enable
+		```
+		
+		```cisco 
+		configure terminal
+		```
+
+		```cisco
+		do sh ip int brief
+		```
+		- this checks to see what VLANs are enabled
+		- ![[sh_ip_int_brief.png]]
+			- In the Status column, if it says down, then it needs to be enabled 
+		```cisco
+		interface <randomly chosen interface>
+		```
+
+		```cisco
+		switchport mode access
+		```
+
+		```cisco
+		 switchport access vlan <VLAN to be enabled>
+		```
+
+		```cisco
+		exit 
+		```
+		***Repeat for every down VLAN
+
+		Once Completed you can Turn the interface used back off. 
+		```cisco
+		no switchport mode access
+		```
+
+		```cisco
+		no switchport access vlan <last vlan to be enabled>
+		```
+		
+		```cisco
+		exit
+		```
+
+		```cisco
+		do write memory
+		```
+		- Check VLANs are Enabled
+		```cisco
+		do sh ip int brief
+		```
+
+### Interface Configuration
+Your interfaces will be configured differently depending on what gear you are using i.e. CyberPac, MiniRax, different switches, or different firewalls. 
+
+#### Server Interfaces
+- These Interfaces will have access to all of the VLANs except one, the Tools VLAN. Trunk Ports allow this.
+- This separation in the VLANs creates a logical separation in your network not allowing outside network traffic to your infrastructure containing VLANs.
+Setup:
+```cisco
+enable
+```
+
+```cisco
+configure terminal
+```
+
+```cisco
+interface g1/0/1
+```
+
+```cisco
+switchport mode trunk
+```
+
+```cisco
+switchport trunk allowed vlan 3,5,10,11,12,25,30,40
+```
+
+```cisco
+switchport trunk native vlan 666
+```
+
+- Repeat for interface g1/0/2
+- This allows all network traffic that is coming through to be assigned to your trunking VLAN.
+
+```cisco
+description <name of server that is being used to remain orgainized>
+```
+
+```cisco
+exit
+```
+
+```cisco
+do sh run
+```
+
+```cisco
+do write memory
+```
+***Do this twice for every server being used, one for management and one for your tools.
+
+### Tool Interfaces
+- Your Tool Interfaces have a logical separation from the rest of your interfaces. This keeps internal infrastructure traffic separated from external traffic. 
+- Tool Interfaces require a separate switch port connected to a standalone port on the Server
+- Setup:
+	```cisco
+	enable	
+	```
+
+	```cisco
+	configure terminal
+	```
+
+	```cisco
+	interface g1/0/13
+	```
+
+	```cisco
+	switchport mode access
+	```
+
+	```cisco
+	switchport access vlan 20
+	```
+
+	```cisco
+	exit
+	```
+	
+	```cisco
+	do write memory
+	```
+
+### Workstation Interfaces
+- Workstation Interfaces are the switch ports that the host machines (Laptops) are connected to. These will be configured to connect to the workstations VLAN.
+Setup:
+```cisco
+enable
+```
+
+```cisco
+configure terminal
+```
+
+```cisco
+interface range g1/0/25 - 48
+```
+
+```cisco
+switchport mode access
+```
+
+```cisco
+switchport access vlan 30
+```
+
+```cisco
+exit
+```
+
+```cisco
+do sh run
+```
+
+```cisco
+do write memory
+```
+
+After setting up your interfaces if wanted you can configure DHCP so your workstations will pull an IP automatically.
+```cisco
+enable
+```
+
+```cisco
+configure terminal
+```
+
+```cisco
+ip dhcp pool USERS
+```
+
+```cisco
+network 10.2.30.1 255.255.255.0
+```
+
+```cisco
+default-router <Workstation VLAN default gateway>
+```
+
+```cisco
+exit
+```
+
+```cisco
+do write memory
+```
+
+## This is all that is needed for basic functionality of the switch
+- More Configuration will be needed 
+
+
+### Post Domain Controller(s) Setup
+- After your Domain controller(s) have been configured follow these steps to setup DNS.
+	
+	```Cisco
+	enable
+	```
+
+	```cisco
+	configure terminal
+	```
+
+	```cisco
+	ip name-server <DC IP #1> <DC IP #2>
+	ip domain name <domain.name>
+	```
+
+	```cisco
+	exit
+	```
+	
+	```cisco
+	write memory
+	```
+