Config Lab: Switch IP 1

Wendell Odom
By Wendell Odom August 27, 2021 15:05

A layer 2 switch does not need an IP address or default gateway for its primary purpose of forwarding layer 2 Ethernet frames. However, the switch does need an IP address and a default gateway for layer 3 communication, such as responding to ping requests and allowing SSH and Telnet connections into the switch. In this lab, you will practice configuring a switch to support IP.

All about Config Labs

The blog has a series of lab exercises called “Config Labs.” Each lab presents a topology with the relevant initial configuration for each device. The lab also lists new requirements, after which you should create the additional configuration to meet those requirements. You can do the lab on paper, in a text editor, or use software tools like Cisco Packet Tracer or Cisco Modeling Labs.

Once you have created your answer, you can click various tabs at the bottom of this post to see the lab answers, comments about the lab, and other helpful information.

The Lab Exercise


Your job: configure support for IPv4 on a Cisco Catalyst layer 2 switch. To do so, enable IPv4 support in switch SW1 on the (default) VLAN 1, and configure the switch so that it can communicate with hosts outside its local subnet.

The specific rules for this lab are as follows:

  1. Configure switch SW1.
  2. Assign the switch an IP address of and a mask of
  3. For the default gateway use IP address of
  4. For the management VLAN use VLAN 1

Figure 1: Basic LAN


Initial Configuration

The initial configuration uses almost all default settings. Note that by default, all ports are assigned to access VLAN 1. The configuration that does already exist sets the hostname and the passwords for the switch.

hostname SW1
line con 0
 password certskills 
line vty 0 4
 password certskills
line vty 5 15
 password certskills

Example 1: SW1 Config

Answer Options - Click Tabs to Reveal

You can learn a lot and strengthen real learning of the topics by creating the configuration – even without a router or switch CLI. In fact, these labs were originally built to be used solely as a paper exercise!

To answer, just think about the lab. Refer to your primary learning material for CCNA, your notes, and create the configuration on paper or in a text editor. Then check your answer versus the answer post, which is linked at the bottom of the lab, just above the comments section.

You can also implement the lab using the Cisco Packet Tracer network simulator. With this option, you use Cisco’s free Packet Tracer simulator. You open a file that begins with the initial configuration already loaded. Then you implement your configuration and test to determine if it met the requirements of the lab.

(Use this link for more information about Cisco Packet Tracer.)

Use this workflow to do the labs in Cisco Packet Tracer:

  1. Download the .pkt file linked below.
  2. Open the .pkt file, creating a working lab with the same topology and interfaces as the lab exercise.
  3. Add your planned configuration to the lab.
  4. Test the configuration using some of the suggestions below.

Download this lab’s Packet Tracer File

You can also implement the lab using Cisco Modeling Labs – Personal (CML-P). CML-P (or simply CML) replaced Cisco Virtual Internet Routing Lab (VIRL) software in 2020, in effect serving as VIRL Version 2.

If you prefer to use CML, use a similar workflow as you would use if using Cisco Packet Tracer, as follows:

  1. Download the CML file (filetype .yaml) linked below.
  2. Import the lab’s CML file into CML and then start the lab.
  3. Compare the lab topology and interface IDs to this lab, as they may differ (more detail below).
  4. Add your planned configuration to the lab.
  5. Test the configuration using some of the suggestions below.

Download this lab’s CML file!


Network Device Info:

This table lists the interfaces changed in this lab to work well in CML.

Device Lab Port CML Port
SW1 F0/1 G0/2
SW2 F0/1 G0/2
R1 S0/0/1 G0/2
R2 S0/0/1 G0/2

Host device info:

This table lists host information pre-configured in CML, information that might not be required by the lab but may be useful to you.

Device IP Address Mac Address User/password
PC1 02:00:11:11:11:11 cisco/cisco
PC2 02:00:22:22:22:22 cisco/cisco

Lab Answers Below: Spoiler Alert

Lab Answers: Configuration (Click Tab to Reveal)


interface vlan 1
 ip address
 no shutdown
ip default-gateway

Example 1: SW1 Config

Commentary, Issues, and Verification Tips (Click Tabs to Reveal)


On Cisco switches, VLAN 1 is the default VLAN for all interfaces in a switch. When you assign a IP address the VLAN 1 interface on the switch, that switch then uses that IP address to support its own IPv4 traffic, for instance, traffic like ping and Telnet packets.

To configure the IP address for the VLAN 1 interface, you first enter VLAN 1 configuration mode with the interface vlan 1 command. At that point, you configure the IP address and mask (with the ip address address mask command). Then you enable the VLAN interface with the no shutdown command.

Note that the VLAN 1 interface is not the same idea or configuration element as VLAN 1 itself. A switch’s VLAN 1 interface is that switch’s interface connected to the subnet that exists on VLAN 1.

Additionally, the global configuration command ip default-gateway ip-address gives the switch a default gateway to allow communication through a router to other subnets.

Known Issues in this Lab

This section of each Config Lab Answers post hopes to help with those issues by listing any known issues with Packet Tracer related to this lab. In this case, the issues are:

# Summary Detail
1 None No known issues related to this lab.


Why Would Cisco Packet Tracer Have Issues?

(Note: The below text is the same in every Config Lab.)

Cisco Packet Tracer (CPT) simulates Cisco routers and switches. However, CPT does not run the same software that runs in real Cisco routers and switches. Instead, developers wrote CPT to predict the output a real router or switch would display given the same topology and configuration – but without performing all the same tasks, an actual device has to do. On a positive note, CPT requires far less CPU and RAM than a lab full of devices so that you can run CPT on your computer as an app. In addition, simulators like CPT help you learn about the Cisco router/switch user interface – the Command Line Interface (CLI) – without having to own real devices.

CPT can have issues compared to real devices because CPT does not run the same software as Cisco devices. CPT does not support all commands or parameters of a command. CPT may supply output from a command that differs in some ways from what an actual device would give. Those differences can be a problem for anyone learning networking technology because you may not have experience with that technology on real gear – so you may not notice the differences. So this section lists differences and issues that we have seen when using CPT to do this lab.

Beyond comparing your answers to this lab’s Answers post, you can test in Cisco Packet Tracer (CPT) or Cisco Modeling Labs (CML). In fact, you can and should explore the lab once configured. For this lab, once you have completed the configuration, try these verification steps. 

  1. Connect to the console and try to login with the configured password.
  2. Using the PC connected to a LAN interface, Telnet into the switch, and try the Telnet password.
  3. From either, use the enable command to then test the enable password.

More Labs with Related Content!

Config Lab: Enabling SSH and Disabling Telnet
Config Lab: Login Security 1
Wendell Odom
By Wendell Odom August 27, 2021 15:05
Notify of

Your e-mail address will not be published.
Required fields are marked*


Newest Most Voted
Inline Feedbacks
View all comments
June 19, 2023 10:29 pm

Am I missing something here, but with the start-up configs there is no enable password set. so how can we do the verification steps (3 specifically)? 1. Connect to the console and try to login with the configured password.
2. Using the PC connected to a LAN interface, Telnet into the switch, and try the Telnet password.
3. From either, use the enable command to then test the enable password.