
Tuesday, January 5, 2010

Day 23: Switch Configuration

Finally some action on switches, first connecting with a console (or rolled) cable and then a quick configuration:

The console configuration settings needed to connect to a Cisco device's console port are as follows:
  • Speed: 9600 bits per second
  • Data bits: 8
  • Parity: None
  • Stop bit: 1
  • Flow control: None
By default we land in user access mode (user EXEC), which offers only commands that show basic information about the operation and connectivity.
Switch>enable
Now we're in Privileged EXEC after entering enable. We can now adjust the operation of a switch and view configuration files.
Switch#configure terminal
Configuration mode allows us to configure the device and enter submodes for specific configurations (for example, interface).
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S1
S1(config)#line console 0
S1(config-line)#password cisco
S1(config-line)#login
S1(config-line)#line vty 0 4
S1(config-line)#password class
S1(config-line)#login
S1(config-line)#exit
S1(config)#enable password cisco
S1(config)#enable secret class
Remotely accessing a switch for management requires an IP address and basic security information. This can be done in VLAN1, the logical interface used for management.
S1(config)#interface vlan 1
S1(config-if)#ip address 192.168.1.2 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#exit
Note that setting a default gateway for a switch is done in global configuration!!! Although a switch doesn't see Layer 3 and above information it's still necessary to configure the default gateway to remotely administer and configure the switch.
S1(config)#ip default-gateway 192.168.1.1
S1(config)#exit
S1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]

Other basic commands are:
  • show history: shows, by default, the last ten commands used
  • terminal history size 20: changes the history size
  • service password-encryption: encrypts the passwords in a config (except enable secret). This is still no solid security measure, because it can easily be cracked.
The banner motd is displayed upon connection to the switch, either by Telnet or by the console port. The login banner is displayed before the username and password login prompts on a Catalyst switch. See my other post for an in-depth explanation.
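
To check how the passwords from this configuration end up stored, here is an added example (not part of the original post, and not a Cisco tool): a Python script that audits a saved running-config for plaintext and type 7 passwords, for a missing service password-encryption, and for an enable password that sits next to an enable secret (the secret takes precedence when both are set). The names audit, SAMPLE_CONFIG and PASSWORD_RE are made up for this example, and the sample config is constructed.

```python
import re

# Constructed sample of a running-config after the commands in this post.
# The secret hash and the type 7 string are placeholders, not real values.
SAMPLE_CONFIG = """\
no service password-encryption
hostname S1
enable secret 5 $1$EXAMPLE$placeholderhash
enable password cisco
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
ip default-gateway 192.168.1.1
line con 0
 password cisco
 login
line vty 0 4
 password 7 00000000000000
 login
"""

# Matches "enable password ..." and line-level "password ...", with an
# optional single-digit type field (absent means stored as typed).
PASSWORD_RE = re.compile(r"^(enable password|password)\s+(?:(\d)\s+)?(\S+)$")

def audit(config):
    """Return (context, finding) tuples describing password storage."""
    lines = config.splitlines()
    has_secret = any(l.startswith("enable secret ") for l in lines)
    encrypted = any(l.strip() == "service password-encryption" for l in lines)
    findings, context = [], "global"
    for raw in lines:
        if raw and not raw[0].isspace():  # unindented line starts a new section
            context = raw.strip() if raw.startswith("line ") else "global"
        m = PASSWORD_RE.match(raw.strip())
        if not m:
            continue
        kind, ptype, _ = m.groups()
        if ptype in (None, "0"):
            findings.append((context, "plaintext password stored in config"))
        elif ptype == "7":
            findings.append((context, "type 7 password: weakly encrypted, treat as exposed"))
        if kind == "enable password":
            note = "ignored while enable secret is set" if has_secret else "no enable secret configured"
            findings.append((context, "enable password: " + note))
    if not encrypted:
        findings.append(("global", "service password-encryption is not enabled"))
    return findings
```

Calling audit(SAMPLE_CONFIG) returns five findings for the sample above; printing each tuple gives a quick checklist before the config is saved with copy running-config startup-config.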
