VLAN Configuration

1. Introduction

Now that you know what a VLAN is and why it’s important, let’s move one step further.

It’s time to configure VLANs on a real switch.
Imagine you are the network administrator of a mid-sized company.

Network diagram to configure VLANs on a Cisco switch, showing how Sales and Tech teams are logically separated using VLAN 10 and VLAN 20.
Figure 1 – Topology used to configure VLANs

Your goal is to separate the Sales and Tech teams logically with 2 differents VLANs.

In this setup:

  • Sales team devices (PC1, PC2) must belong to VLAN 10.
  • Tech team devices (PC3, PC4) must belong to VLAN 20.

2. Creating VLANs on Cisco Switch

Let’s start by connecting to the switch.

  1. Enter Global Configuration Mode
SW1# configure terminal

2. Create VLAN 10 (Sales)

SW1(config)# vlan 10
SW1(config-vlan)# name Sales
SW1(config-vlan)# exit

3. Create VLAN 20 (Tech)

SW1(config)# vlan 20
SW1(config-vlan)# name Tech
SW1(config-vlan)# exit

VLAN 10 and VLAN 20 are now created on the switch but no ports are assigned to VLAN yet.

3. Verifying VLAN Configuration

We can verify VLANs have been created.

Use the show vlan brief command to display the VLAN database:

SW1# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    G0/0, G0/1, G0/2, G0/3
10   Sales                            active    
20   Tech                             active    
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup

As you can see :

  • All ports are still assigned to VLAN 1 (the default VLAN).
  • VLAN 10 and VLAN 20 are created but no ports are assigned.

4. Assigning Ports to VLANs

To assign ports to their appropriate VLANS. We need to use 2 commands:

Diagram showing how to configure VLANs by assigning ports to VLAN 10 Sales and VLAN 20 Tech on a Cisco switch.

VLAN 10

SW1(config)# interface G0/0
SW1(config-if-range)# switchport mode access
SW1(config-if-range)# switchport access vlan 10
SW1(config-if-range)# exit

SW1(config)# interface G0/2
SW1(config-if-range)# switchport mode access
SW1(config-if-range)# switchport access vlan 10

VLAN 20

SW1(config)# interface G0/1
SW1(config-if-range)# switchport mode access
SW1(config-if-range)# switchport access vlan 20
SW1(config-if-range)# exit

SW1(config)# interface G0/3
SW1(config-if-range)# switchport mode access
SW1(config-if-range)# switchport access vlan 20

What’s Happening Here?

  • switchport mode access : Forces the port into access mode, ensuring it will belongs only to one VLAN.
  • switchport access vlan X : Assigns the port to a specific VLAN.

5. Verifying Port Assignments

Now that the ports have been assigned to the correct VLANs.

We can verify by using this command:

SW1# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    none
10   Sales                            active    G0/0, G0/2
20   Tech                             active    G0/1, G0/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup

Key Point:

  • The default VLAN (VLAN 1) has no active ports.
  • Ports G0/0 and G0/2 are now in VLAN 10 (Sales).
  • Ports G0/1 and G0/3 are now in VLAN 20 (Tech).

The Sales and Tech teams are now logically isolated at Layer 2, even though they are physically connected to the same switch.

6. Managing VLAN Configuration on Cisco Switches

Now that our VLANs are configured and ports assigned, let’s understand how VLANs are stored and how to properly reset them.

Where Are VLANs Stored?

When you create VLANs on a Cisco switch:

  • They are not saved in the running-config or startup-config.
  • Instead, VLANs are stored in a special file called vlan.dat, located in the switch’s flash memory.
Illustration showing how VLANs are stored in the vlan.dat file on a Cisco switch when you configure VLANs.
Figure 2 – Vlan.dat file in Cisco switch

How to Rename a VLAN

Let’s do a quick example.

Suppose you want to rename VLAN 10 from “Sales” to “Sales_Department”.

Here’s how:

SW1# configure terminal
SW1(config)# vlan 10
SW1(config-vlan)# name Sales_Department
SW1(config-vlan)# exit

Once done, verify:

SW1# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    none
10  Sales_Department                 active    G0/0, G0/2
20   Tech                             active    G0/1, G0/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup

VLAN 10 is now renamed and the change is automatically saved in vlan.dat.

How to Completely Remove VLANs

Here’s how you completely reset VLANs on a Cisco switch:

  1. Delete the VLAN database:
SW1# delete flash:vlan.dat
Delete filename [vlan.dat]? [confirm]

2. Reload the switch:

SW1# reload

The switch will reboot and come back with only the default VLAN (VLAN 1).

Verifying the Reset

Once the switch is back online, run:

SW1# show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    G0/0, G0/1, G0/2, G0/3
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup

As you can see, VLAN 10 and VLAN 20 has been erased !

7. Conclusion

In this lesson, you’ve learned how to configure VLANs on a Cisco switch.

You now know how to:

  • Create VLANs and assign them to specific ports.
  • Verify that devices are properly isolated at Layer 2.
  • Understand where VLANs are stored and how to rename or remove them safely.

➡️ In the next lesson, we’ll introduce 802.1Q Trunking the technology that allows VLANs to extend across the network!