Can be practiced with "Free Cisco Catalyst Switch Lab", by Brendan Choi
1. Disable the links between the access layer switches.
2. Place all switches in the VTP domain CISCO and set them all to VTP mode transparent.
3. Configure all inter-switch links statically as 802.1q trunk links.
4. Create VLANs 10 and 200 on all switches. Configure DLS1 and DLS2 SVIs in VLAN 10 and assign addresses in the subnet.
5. Configure DLS1 and DLS2 to use HSRP on the subnet. Make DLS1 the primary gateway, and enable
preemption on both switches.
6. Place ports Fa0/15 through Fa0/20 in VLAN 10 on both access layer switches.
7. Enable PortFast on all access ports.
8. Enable QoS on all switches involved in the scenario.
9. Configure ALS1 Fa0/15 and F0/16 for use with Cisco IP phones with a voice VLAN of 200 and trust the IP phone CoS
markings using AutoQoS.
10. Configure ALS1 Fa0/18 through Fa0/20 for port security. Allow only up to three MAC addresses to be learned on each
port and then drop any traffic from other MAC addresses and set the violate mode to protect.
11. Configure ALS2 Fa0/18 to only allow the MAC address 1234.1234.1234 and to shut down if a violation occurs.