CCNA 200-301 Chapter 2 Network Access Lab 013 Configure and Verify Data and Voice Access Port

Watch Full Demo on YouTube:

Lab Objective:

The objective of this lab is to configure and verify data and voice access ports on Cisco switches. You will assign VLANs to these ports, configure voice VLANs, and ensure proper connectivity for both data and voice traffic.

Lab Topology:

Equipment Required:

• 1 x Router (e.g., CISCO2811/K9)
• 3 x Cisco switch (e.g., Cisco Catalyst series)
• 4 x PCs or laptops with Ethernet ports
• 4 x IP Phone (for voice traffic)
• Console Cable
• Ethernet Cable for connections between devices
• Computer with Terminal emulation software e.g. PuTTY

IPv4 Address Table:

A. Router IP Address Table:

Device Name	Interface ID	IPv4 Address	Subnet-Mask	dot1Q
Router1	fastethernet0/1.10	192.168.10.1	255.255.255.0	10
Router1	fastethernet0/1.20	192.168.20.1	255.255.255.0	20
Router1	fastethernet0/1.100	192.168.100.1	255.255.255.0	100

B. Switch VLAN Table:

Device Name	Interface ID	Interface Mode	Data VLAN	Voice VLAN
Switch1	Fa0/23	Trunk (10, 20, 100)	–	–
Switch1	Fa0/1	Access	10	100
Switch1	Fa0/2	Access	20	100
Switch2	Fa0/24	Trunk (10, 20, 100)	–	–
Switch2	Fa0/1	Access	10	100
Switch2	Fa0/2	Access	20	100
Switch3	Fa0/23	Trunk (10, 20, 100)	–	–
Switch3	Fa0/24	Trunk (10, 20, 100)	–	–
Switch3	Fa0/1	Trunk (10, 20, 100)	–	–

C. Hosts IP Address Table:

Device Name	Interface ID	IPv4 Address	Subnet-Mask	Department
PC1	Fa0	Obtained via DHCP	Obtained via DHCP	IT
PC2	Fa0	Obtained via DHCP	Obtained via DHCP	HR
PC3	Fa0	Obtained via DHCP	Obtained via DHCP	IT
PC4	Fa0	Obtained via DHCP	Obtained via DHCP	HR

List of Command Summary:

Command	Command Description
enable	enters privileged EXEC mode.
configure terminal	enters global configuration mode from privileged EXEC mode.
hostname [hostname]	assign a device name to router.
switchport mode trunk	is used to configure an interface on a Cisco switch to operate in trunk mode. In trunk mode, the interface is capable of carrying traffic for multiple VLANs simultaneously. This command allows the interface to send and receive traffic with VLAN tags, enabling it to interconnect switches or routers and carry traffic for multiple VLANs across a single link.
switchport trunk allowed vlan ID	is used to specify which VLANs are allowed to traverse a trunk port on a Cisco switch. By default, all VLANs are allowed on a trunk port. However, this command can be used to restrict the VLANs that are permitted to pass through the trunk link. You can specify individual VLAN IDs or specify a range of VLAN IDs that are permitted on the trunk port.
show interfaces [interface-ID] switchport	is used to display detailed information about the switchport configuration of a specific interface on a Cisco switch. It provides information such as the administrative and operational mode of the switchport, the VLAN membership of the switchport, trunking status, allowed VLANs, native VLAN, and other relevant details related to the switchport configuration.
show interfaces trunk	displays information about trunk interfaces and their associated VLANs. It provides details about which interfaces are configured as trunk links, the encapsulation type (such as dot1Q), the operational status of the trunk, the allowed VLANs on the trunk, and the native VLAN. This command is useful for verifying trunk configurations and troubleshooting trunking issues on Cisco switches.
vlan [vlan-id]	used to create a new VLAN with the specified VLAN ID. This command allows network administrators to segment the network into multiple virtual LANs (VLANs) for better traffic management and security. By assigning devices to different VLANs based on their network requirements, administrators can control broadcast domains, enforce security policies, and optimize network performance.
switchport mode access	used on Cisco switches to configure an interface as an access port. Access ports are used to connect end devices, such as computers or printers, to the switch. When configured as an access port, the switch treats all incoming frames on that interface as belonging to the VLAN assigned to the port. This command disables dynamic trunking protocol (DTP) negotiation on the interface, ensuring that it operates only as an access port and does not participate in VLAN trunking.
switchport access vlan [VLAN-ID]	used on Cisco switches to assign a specific VLAN to an access port. This command is typically used in conjunction with the “switchport mode access” command to configure an interface as an access port and specify the VLAN to which it belongs. By assigning a VLAN to an access port, the switch ensures that all incoming traffic on that port is tagged with the specified VLAN ID. This allows the switch to segregate traffic from different VLANs and control broadcast and multicast traffic within each VLAN.
switchport voice vlan [vlan-id]	used in Cisco switch interfaces to configure the Voice VLAN assignment. When applied to an interface, it designates a specific VLAN ID for voice traffic, allowing the switch to separate voice and data traffic on the same physical interface. This command ensures that voice traffic is tagged with the specified VLAN ID when transmitted over the network
show vlan brief	used on Cisco switches to display a summary of VLAN information. When you enter this command in the CLI interface of a Cisco switch, it provides a concise overview of the VLAN configuration on the switch. This includes details such as the VLAN ID, name, and interface membership status. The output of this command is often used to quickly verify the VLAN configuration and interface assignments on the switch.
ipconfig /all	used in Windows operating systems to display detailed information about all network interfaces and their configurations.
no shutdown	enables an interface.
show running-config	save the running configuration to the startup-configuration file.
copy running-config startup-config	used to save the currently running configuration (stored in the RAM) to the startup configuration (stored in the NVRAM)
end	exit configuration mode.
exit	exits one level in the menu structure command.

Lab Task:

1. Connect the devices according to the provided topology.
2. Connect to the CLI of the router and switches and enable privileged EXEC mode and go to configuration mode. Configure the appropriate hostname on each device as per topology shown above.
3. Configure VLANs on all switches according to the table and topology above:
   1. Create VLANs for data and voice traffic and name each VLAN accordingly.
   2. On Switch1 and Switch2 Assign switch ports to the appropriate VLANs.
   3. Verify your configuration
4. Configure Static Trunk on all Switches:
   1. On Switch1 configure fa0/23 to operate in Trunk mode and allow only VLANs 10, 20, and 100
   2. On Switch2 configure fa0/24 to operate in Trunk mode and allow only VLANs 10, 20, and 100
   3. On Switch3 configure fa0/1, fa0/23, fa0/24 to operate in Trunk mode and allow only VLANs 10, 20, and 100
   4. Verify your configuration
5. Configure the router:
   1. Configure sub-interfaces on the router interface, one for each VLAN.
   2. Each sub-interface is associated with a specific VLAN and has an IP address within the corresponding subnet.
   3. Enable IP Routing if required.
   4. Verify your configuration.
6. Configure DHCP for IP phones and all end hosts:
   1. Configure DHCP pools for both data and voice VLANs.
   2. Configure the default gateway as well such that each end host would get receive the default gateway as part of the DHCP lease process.
   3. Verify your configuration
7. Configure telephony-service on the router:
   1. Enable telephony-service.
   2. Define the necessary parameters such as max-ephones, max-dn, and IP phone registration:
      1. Configure Router1 to automatically assign directory numbers (DNs) to IP phones.
      2. Configure the source IP address and port for SIP (Session Initiation Protocol) so use the IP address assigned to the sub-interface in question, and use port 5060 for SIP signaling traffic
      3. Configure maximum number of directory numbers (phone lines) that can be assigned to IP phones to 8
      4. Configure the maximum number of IP phones (ephones) that can be connected to Router1, set this to 8
   3. configure a directory number (DN) on the Cisco CME system for each IP Phone as shown in the topology with an extension of 1000 + the phone name ID.
   4. Verify your configuration
8. Test connectivity:
   1. Verify that IP phones can communicate with each other.
   2. Test data connectivity between PCs.
9. Save configuration

Lab Solution:

1. Lab has been created

2. To configure the hostname on each Switch you can following the commands below:

a. On Switch1:
Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch1
Switch1(config)#

b. On Switch2:
Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch2
Switch2(config)#

c. On Switch3:
Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch3
Switch3(config)#

d. On Router1:
Router>enable
Router#configure terminal
Router(config)#hostname Router1
Router1(config)#

3. Configure VLANs on all switches according to the table and topology above:

a. Create VLANs for data and voice traffic and name each VLAN accordingly:
Configure VLANs:

Switch1(config)# vlan 10
Switch1(config-vlan)# name Data_for_IT_Department
Switch1(config-vlan)# vlan 20
Switch1(config-vlan)# name Data_for_HR_Department
Switch1(config-vlan)# vlan 100
Switch1(config-vlan)# name Voice_VLAN

Switch2(config)# vlan 10
Switch2(config-vlan)# name Data_for_IT_Department
Switch2(config-vlan)# vlan 20
Switch2(config-vlan)# name Data_for_HR_Department
Switch2(config-vlan)# vlan 100
Switch2(config-vlan)# name Voice_VLAN

Switch3(config)# vlan 10
Switch3(config-vlan)# name Data_for_IT_Department
Switch3(config-vlan)# vlan 20
Switch3(config-vlan)# name Data_for_HR_Department
Switch3(config-vlan)# vlan 100
Switch3(config-vlan)# name Voice_VLAN

b. On Switch1 and Switch2 Assign switch ports to the appropriate VLANs:

Assign switch ports to VLANs:

Switch1(config)# interface fastethernet0/1
Switch1(config-if)# switchport mode access
Switch1(config-if)# switchport access vlan 10
Switch1(config-if)# switchport voice vlan 100
Switch1(config)# interface fastethernet0/2
Switch1(config-if)# switchport mode access
Switch1(config-if)# switchport access vlan 20
Switch1(config-if)# switchport voice vlan 100

Switch2(config)# interface fastethernet0/1
Switch2(config-if)# switchport mode access
Switch2(config-if)# switchport access vlan 10
Switch2(config-if)# switchport voice vlan 100
Switch2(config)# interface fastethernet0/2
Switch2(config-if)# switchport mode access
Switch2(config-if)# switchport access vlan 20
Switch2(config-if)# switchport voice vlan 100

c. In-flight checks: issue this command “show vlan brief”:

4. Configure Static Trunk on all Switches:

a. on Switch1 configure fa0/23 to operate in Trunk mode and allow only VLANs 10, 20, and 100:
Set interface fa0/23 on Switch1 to operate in Trunk mode:
Switch1(config)#interface fastEthernet 0/23
Switch1(config-if)#switchport mode trunk
Switch1(config-if)#switchport trunk allowed vlan 10,20,100

b. on Switch2 configure fa0/24 to operate in Trunk mode and allow only VLANs 10, 20, and 100:
Set interface fa0/24 on Switch2 to operate in Trunk mode:
Switch2(config)#interface fastEthernet 0/24
Switch2(config-if)#switchport mode trunk
Switch2(config-if)#switchport trunk allowed vlan 10,20,100

c. on Switch3 configure fa0/1, fa0/23, fa0/24 to operate in Trunk mode and allow only VLANs 10, 20, and 100:
Set interface fa0/23 & fa0/24 on Switch3 to operate in Trunk mode:
Switch3(config)#interface fastEthernet 0/23
Switch3(config-if)#switchport mode trunk
Switch3(config-if)#switchport trunk allowed vlan 10,20,100
Switch3(config)#interface fastEthernet 0/24
Switch3(config-if)#switchport mode trunk
Switch3(config-if)#switchport trunk allowed vlan 10,20,100
Switch3(config)#interface fastEthernet 0/1
Switch3(config-if)#switchport mode trunk
Switch3(config-if)#switchport trunk allowed vlan 10,20,100

In-flight checks: issue this command to check trunk status “show interface trunk”:

5. Router configuration:

a. Configure sub-interfaces on the router interface, one for each VLAN. b. configure each sub-interface with appropriate 802.1q tag:
Router1(config)# interface fastethernet0/1
Switch1(config-if)# no shut
Router1(config-if)# interface fastethernet0/1.10
Router1(config-subif)# encapsulation dot1Q 10
Router1(config-subif)# ip address 192.168.10.1 255.255.255.0
Router1(config-subif)# interface fastethernet0/1.20
Router1(config-subif)# encapsulation dot1Q 20
Router1(config-subif)# ip address 192.168.20.1 255.255.255.0
Router1(config-subif)# interface fastethernet0/1.100
Router1(config-subif)# encapsulation dot1Q 100
Router1(config-subif)# ip address 192.168.100.1 255.255.255.0

b. Enable IP Routing if required: N/A

c. Verify your configuration:

6. DHCP configuration:

a. Configure DHCP pools for both data and voice VLANs.

b. Configure the default gateway as well such that each end host would get receive the default gateway as part of the DHCP lease process:

Configure DHCP pools:
Router1(config)# ip dhcp pool DATA_IT_Department
Router1(dhcp-config)# network 192.168.10.0 255.255.255.0
Router1(dhcp-config)# default-router 192.168.10.1

Router1(config)# ip dhcp pool DATA_HR_Department
Router1(dhcp-config)# network 192.168.20.0 255.255.255.0
Router1(dhcp-config)# default-router 192.168.20.1

Router1(config)# ip dhcp pool VOICE
Router1(dhcp-config)# network 192.168.100.0 255.255.255.0
Router1(dhcp-config)# default-router 192.168.100.1
Router1(dhcp-config)# option 150 ip 192.168.100.1

c. Verify your configuration:

7. Configure telephony-service on the router:

a. Enable telephony-service:

b. Define the necessary parameters such as max-ephones, max-dn, and IP phone registration:

i. Configure Router1 to automatically assign directory numbers (DNs) to IP phones.
ii. Configure the source IP address and port for SIP (Session Initiation Protocol) so use the IP address assigned to the sub-interface in question, and use port 5060 for SIP signalling traffic
iii. Configure maximum number of directory numbers (phone lines) that can be assigned to IP phones to 8
iv. Configure the maximum number of IP phones (ephones) that can be connected to Router1, set this to 8

Enable telephony-service:
Router(config)# telephony-service
Router1(config-telephony)# auto assign 1 to 8
Router1(config-telephony)# ip source-address 192.168.100.1 port 5060
Router1(config-telephony)# max-dn 8
Router1(config-telephony)# max-ephones 8

c. Configure a directory number (DN) on the Cisco CME system for each IP Phone as shown in the topology with an extension of 1000 + the phone name ID:

Define ephone-dn and ephone:
Router(config-telephony)# ephone-dn 1
Router(config-ephone-dn)# number 1001
Router(config-telephony)# ephone-dn 2
Router(config-ephone-dn)# number 1002
Router(config-telephony)# ephone-dn 3
Router(config-ephone-dn)# number 1003
Router(config-telephony)# ephone-dn 4
Router(config-ephone-dn)# number 1004

d. Verify your configuration: issue this command “show ephone”

8. Test connectivity:

a. Verify that IP phones can communicate with each other:

Based from the output above we can see that IP Phone1 is able to initiate a call with IP Phone 2,3 and 4. Also you can see the status of the IP phone is Connected.

b. Test data connectivity between PCs:

DHCP Test: you can see all PCs have received an IP address, Subnet-Mask and a default gateway.

Connectivity Test: You can see that PC1 is able to ping PC3 form the IT department and PC2 from the HR department.

9. Save the configuration by issuing either “wr” or “copy running-config startup-config” command on all Cisco devices.

Troubleshooting:

1. Physical Connection Check:
   • Verify that the IP phones and computers are connected to the correct switch ports.
   • Ensure that cables are securely plugged into the correct interfaces.
2. Switch Configuration Check:
   • Verify that the switch ports are configured correctly for data and voice VLANs.
   • Use the “show interfaces [interface-id]” command to check the configuration of switch interfaces.
3. VLAN Configuration Check:
   • Verify that the correct VLANs are configured on the switch.
   • Check the VLAN configuration using the “show vlan” command.
4. DHCP Configuration Check:
   • Ensure that DHCP pools are configured for both data and voice VLANs on the DHCP server.
   • Use the “show ip dhcp pool” command on the DHCP server to verify DHCP pool configuration.
5. Router Configuration Check:
   • Verify that router-on-a-stick configuration is correctly implemented.
   • Check the router’s subinterface configuration and verify that it corresponds to the VLANs configured on the switch.
6. IP Phone Configuration Check:
   • Ensure that IP phones are configured with the correct VLAN information.
   • Verify the IP phone’s VLAN configuration through its settings or administration interface.
7. IP Phone Registration Check:
   • Verify that IP phones are registered with the CallManager Express (CME) or the VoIP system.
   • Check the status of registered IP phones using the appropriate command on the router.
8. Voice VLAN Troubleshooting:
   • If voice VLAN is not functioning, verify that the switch is configured with the correct voice VLAN and that the switch interfaces are configured to trust CoS (Class of Service).
   • Use the “show interface [interface] switchport” command to check the voice VLAN configuration on switch interfaces.
9. Data VLAN Troubleshooting:
   • If data VLAN is not functioning, verify that the switch interfaces are configured with the correct access VLAN and that DHCP is functioning properly for data VLAN clients.
   • Use the “show interface [interface] switchport” command to check the data VLAN configuration on switch interfaces.
10. Ping Test:
    • Perform ping tests between devices in the data VLAN and devices in the voice VLAN to verify connectivity.
    • Use the “ping” command from PCs or routers to test connectivity between devices.

Note:

Data and Voice Access VLANs are VLANs configured on a network switch to separate voice traffic from data traffic in a Voice over IP (VoIP) network.
Telephony service refers to the set of configurations and services on a Cisco router or switch that enable the deployment of Voice over IP (VoIP) telephony solutions:

1. Data VLAN:
   • The Data VLAN is used for regular data traffic on the network, such as internet browsing, file transfers, and email communication.
   • Devices like computers, printers, and servers are assigned to the Data VLAN.
   • Data VLANs are typically configured with a higher priority for data traffic and are optimized for throughput and reliability.
2. Voice VLAN:
   • The Voice VLAN is dedicated to carrying VoIP traffic generated by IP phones on the network.
   • IP phones are assigned to the Voice VLAN, allowing them to prioritize voice traffic over data traffic.
   • Voice VLANs are configured to provide Quality of Service (QoS) for voice traffic, ensuring low latency, jitter, and packet loss for clear voice communication.
   • Voice VLANs often utilize a separate subnet and DHCP pool to streamline voice traffic management and ensure optimal performance.
3. Configuration:
   • On a network switch, ports can be configured to support both Data and Voice VLANs simultaneously. This configuration is known as “Voice VLAN access” or “Voice VLAN tagging.”
   • When an IP phone connects to a switch port configured for Voice VLAN access, the switch automatically places the phone in the Voice VLAN and tags its voice traffic accordingly.
   • Data traffic from the connected computer or other devices remains in the Data VLAN.
4. Benefits:
   • Separating voice and data traffic into different VLANs allows for better network performance and security.
   • Voice VLANs prioritize voice traffic, ensuring high-quality voice communication even during periods of heavy network congestion.
   • By segregating voice traffic, administrators can apply specific security policies, such as access control lists (ACLs), to protect voice communication from unauthorized access or attacks.
5. Functionality:
   • Telephony service allows the router or switch to act as a call control platform for VoIP networks.
   • It provides features such as call routing, call forwarding, call waiting, caller ID, voicemail, and more.
   • Telephony service enables the registration and management of IP phones, also known as ephones, and directory numbers (DNs).
6. Configuration:
   • To configure telephony service on a Cisco device, you typically use the telephony-service command in global configuration mode.
   • Within the telephony service configuration, you can specify parameters such as the maximum number of IP phones (ephones) and directory numbers (ephone DNs) supported, as well as the IP address of the call control server (Cisco Unified Communications Manager or CME).
7. Ephones and Ephone DNs:
   • Ephones represent physical IP phones connected to the network. Each ephone is associated with an ephone DN.
   • Ephone DNs are virtual extensions assigned to IP phones. They define the phone numbers and call features associated with each IP phone.
   • Ephone DNs can be configured with features such as call forwarding, call pickup, call transfer, and more.
8. Integration:
   • Telephony service can be integrated with other network services and protocols, such as DHCP for IP address assignment to IP phones and SNMP for network management.
   • It can also integrate with Voice VLANs on network switches to prioritize voice traffic and ensure quality of service (QoS) for VoIP calls.
9. Verification:
   • After configuring telephony service, you can use commands such as “show telephony-service” and “show ephone” to verify the status of telephony service and the registered IP phones.

Conclusion:

In conclusion, this lab provided valuable hands-on experience in configuring and verifying data and voice access ports across two departments within our network infrastructure. By implementing VLANs for data and voice traffic and configuring telephony service for our IP phones, we successfully established communication channels that cater to the specific needs of each department.

Through the configuration and verification steps, we gained a deeper understanding of VLAN segmentation, and the role of telephony service in managing IP phones and directory numbers. Additionally, troubleshooting any encountered issues enhanced our troubleshooting skills and problem-solving abilities.

Moving forward, the knowledge gained from this lab will prove invaluable in real-world networking scenarios, where the deployment and management of VoIP telephony solutions are essential. As we continue to explore and practice network configurations, we are better equipped to design, implement, and maintain robust and efficient network infrastructures that meet the evolving needs of modern organizations.

Packet Tracer Lab (Pre/Post configuration):

Download the file below and open the word document to access the Packet Tracer labs.