# Creating VLANs and Assigning Ports

Creating VLANs and assigning ports is a foundational skill in networking, especially when configuring switches for efficient network segmentation. Here's a step-by-step guide with a practical scenario and topology:

### <mark style="color:blue;">Scenario:</mark>

You are tasked with configuring a Cisco switch for a small company. The company has three departments:

1. **HR Department**
2. **Engineering Department**
3. **Sales Department**

You need to create three VLANs, one for each department, and assign specific switch ports to each VLAN. We will use a Cisco switch for this example and assume you are connected to it via the console port.

### <mark style="color:blue;">Topology:</mark>

* **Switch** (e.g., Cisco 2960)
* **HR Department:** Ports 1-10
* **Engineering Department:** Ports 11-20
* **Sales Department:** Ports 21-30

We'll also use two devices connected to each port to simulate the network clients.

<figure><img src="/files/eR5iDI5rjg3NjCpnsbH7" alt=""><figcaption><p>Topology</p></figcaption></figure>

### <mark style="color:blue;">Step-by-Step Guide:</mark>

#### **Step 1: Access the Switch**

* First, you need to access the switch via console. Use a terminal emulator like PuTTY or Tera Term and connect to the switch.

```
Sw1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Sw1(config)#
```

#### **Step 2: Create VLANs**

* Use the `vlan` command to create VLANs for each department. The VLAN IDs are assigned as follows:
  * **HR** = VLAN 10
  * **Engineering** = VLAN 20
  * **Sales** = VLAN 30

```
Sw1(config)#vlan 10
Sw1(config-vlan)#name HR
Sw1(config-vlan)#exit
Sw1(config)#vlan 20
Sw1(config-vlan)#name Engineering
Sw1(config-vlan)#exit
Sw1(config)#vlan 30
Sw1(config-vlan)#name Sales
Sw1(config-vlan)#exit
Sw1(config)#
```

#### **Step 3: Assign Ports to VLANs**

* Now, assign the ports to their respective VLANs. For example:
  * Ports **Ethernet0/1-3** go to **VLAN 10 (HR)**
  * Ports **Ethernet1/1-3** go to **VLAN 20 (Engineering)**
  * Ports **Ethernet2/1-3** go to **VLAN 30 (Sales)**

```
Sw1(config)#interface range ethernet 0/0-3
Sw1(config-if-range)#switchport mode access
Sw1(config-if-range)#switchport access vlan 10
Sw1(config-if-range)#exit
Sw1(config)#interface range ethernet 1/0-3
Sw1(config-if-range)#switchport mode access
Sw1(config-if-range)#switchport access vlan 20
Sw1(config-if-range)#exit
Sw1(config)#interface range ethernet 2/0-3
Sw1(config-if-range)#switchport mode access
Sw1(config-if-range)#switchport access vlan 30
Sw1(config-if-range)#exit
```

### <mark style="color:blue;">**Step 4: Verify VLANs and Port Assignments**</mark>

* To verify the VLANs that have been created, use the `show vlan brief` command. This will display all VLANs and the ports associated with them.

```
Sw1#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- ------------------------------                                    -
1    default                          active    Et3/0, Et3/1, Et3/2, Et3/3
10   HR                               active    Et0/0, Et0/1, Et0/2, Et0/3
20   Engineering                      active    Et1/0, Et1/1, Et1/2, Et1/3
30   Sales                            active    Et2/0, Et2/1, Et2/2, Et2/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
Sw1#
```

### <mark style="color:blue;">**Step 5: Test the VLAN Configuration**</mark>

* **Testing Connectivity**: To verify that the devices in different VLANs cannot communicate, connect a computer to port e0/0 (HR) and another to port e1/0 (Engineering). They should not be able to communicate unless you configure routing (which we'll cover later).

```
PC1> ping 192.168.1.2

host (192.168.1.2) not reachable

PC1>
```

### <mark style="color:blue;">Keywords</mark>

`VLAN, switch`, `Cisco`, `ports`, `VLAN IDs`, `network segmentation`, `access mode`, `interface range`, `HR department`, `Engineering department`, `Sales department`, `configuration`, b`roadcast domain`, `VLAN 10`, `VLAN 20`, `VLAN 30`, `VLAN assignment`, `switchport`, `Layer 3`, `routing`, `security`, سیسکو


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://netsec.nerd-cafe.ir/network-engineering/ccna/creating-vlans-and-assigning-ports.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.