Performing, saving and verifying initial switch configuration tasks including remote access management

initial switch configuration tasks

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts

Operation of Cisco switches and basic switching concepts

Perform, save and verify initial switch configuration tasks including remote access management

Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands

Implement and verify basic security for a switch (port security, deactivate ports)

Identify, prescribe, and resolve common switched network media issues, configuration issues, autonegotiation, and switch hardware failures

 

 

 

 

top1. basic switch.1

 

 

 

 

Implement basic switch configuration by assigning a hostname for identification, passwords for security, and assignment of IP addresses for connectivity. For In-band access the switch needs to have an ip address configured. Global switch commands:

 

hostname

banner motd

enable password

enable secret

ip default-gateway

 

Switch>enSwitch#conf tEnter configuration commands, one per line. End with CNTL/Z. 

Switch(config)#hostname switch1

switch(config)#banner motd $Admin Access Only$

switch1(config)#enable password cisco

switch1(config)#enable secret studylabs

 

Line settings includes

line con. sets a password on the router console

line vty. Sets password for telnet.

login and password. This option specifies that the password set should be effective at logon.

 

switch1(config)#line con 0switch1(config-line)#password ciscoswitch1(config-line)#loginswitch1(config-line)#line vty 0 4

switch1(config-line)#password cisco

switch1(config-line)#login

 

Remote management involves configuring an ip address on the interface vlan1 of the switch. This is the default and recommended management vlan. Bring the interface up as shown below.

 

switch1(config-line)#interface vlan 1switch1(config-if)#ip address 10.1.1.1 255.255.255.0switch1(config-if)#no shutdownswicht1(config-if)#

%LINK-5-CHANGED: Interface Vlan1, changed state to up

ip default-gateway 10.1.1.1

 

Interface commands:

 

interface type/number (vlan1)

ip address

speed / duplex

switchport port-security

 

switch1(config-if)#switchport mode accessswitch1(config-if)#switchport port-security

 

Speed and duplex settings.

 

switch1(config-if)#int fa0/3switch1(config-if)#speed ? 10   Force 10 Mbps operation 100   Force 100 Mbps operation

auto Enable AUTO speed configuration

switch1(config-if)#speed 10

switch1(config-if)#int fa0/4

switch1(config-if)#speed 100

switch1(config-if)#int fa0/5

switch1(config-if)#speed auto

 

 

 

switch1(config-if)#int range fa0/6 – 10switch1(config-if-range)#switchport mode ? access   Set trunking mode to ACCESS unconditionally dynamic Set trunking mode to dynamically negotiate access or trunk mode

trunk   Set trunking mode to TRUNK unconditionally

 

 

 

switch1(config-if-range)#switchport mode accessswitch1(config-if-range)#switchport port-security ? mac-address Secure mac address maximum     Max secure addresses

violation   Security violation mode

 

Subcommands of the switchport port-security mac-address command

You can configure the mac address manually or use the sticky option to enable the switch to remember the mac address and store it.

 

swicht1(config-if-range)#switchport port-security mac-address ? H.H.H   48 bit mac address sticky Configure dynamic secure addresses as sticky

 

Subcommands of the switchport port-security maximum command

You can configure the maximum number of mac address allowed on the port .

 

swicht1(config-if-range)#switchport port-security maximum ? <1-132> Maximum addresses 

 

Subcommands of the switchport port-securityviolation command

 

swicht1(config-if-range)#switchport port-security violation ? protect   Security violation protect mode restrict Security violation restrict mode shutdown Security violation shutdown mode

 

Save the configuration

 

switch1#copy running-config startup-config Destination filename [startup-config]? Building configuration…[OK]

 

Verify and save the switch configuration using the copy running-config startup-config command. To clear the switch configuration, use the erase startup-config command and then the reload command. It may also be necessary to erase any VLAN information using the command delete flash:vlan.dat.

 

Configuration Management:

 

enable

configure terminal

copy running-config startup-config

erase startup-config

delete flash:vlan.dat

reload

 

General commands

 

show running-config

show startup-config

show version

 

Interface / Port Related:

 

show interfaces

show ip interface brief

show port-security

show mac-address-table

 

Connectivity Related:

 

show cdp neighbors

show sessions

show ssh

ping

traceroute

 

top1. basic switch telnet

 

 

 

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Find me on YouTube

Recent Posts

Recent Comments