The above are some steps that can be followed for basic set-up of a Cisco switch. Of course there are more things you can configure (such as SNMP servers, NTP, AAA, Vlan trunking protocol, 802.1q Trunk ports, Layer 3 inter-vlan routing etc) but those depend on the requirements of each particular network.
The next step in the preparation phase is to determine what will be monitored. Even though you can potentially monitor all the devices on your network, ideally, you want to start with your critical infrastructure such as Internet edge router/firewall, core switches, important application servers and so on.
Cisco Switch 2960 Configuration Step By Step Pdf Freel
Download File: https://conrumencpe.blogspot.com/?uq=2vBE5T
This lab will test your ability to configure basic settings such as hostname, motd banner, encrypted passwords, and terminal options on a Cisco Catalyst 2960 switch emulated in Packet Tracer 8.1.1.1. Use the local laptop connect to the switch console and configure the laptop with the right parameters for console access to the Cisco 2960 Catalyst switch2. Configure Switch hostname as LOCAL-SWITCH3. Configure the message of the day as "Unauthorized access is forbidden"4. Configure the password for privileged mode access as "cisco". The password must be md5 encrypted5. Configure password encryption on the switch using the global configuration command6. Configure CONSOLE access with the following settings : - Login enabled - Password : ciscoconsole - History size : 15 commands - Timeout : 6'45'' - Synchronous logging 6. Configure TELNET access with the following settings : - Login enabled - Password : ciscotelnet - History size : 15 commands - Timeout : 8'20'' - Synchronous logging 7. Configure the IP address of the switch as 192.168.1.2/24 and it's default gateway IP (192.168.1.1).8. Test telnet connectivity from the Remote Laptop using the telnet client.
Default route towards the ISP (assume default gateway is 200.200.200.2)ASA5505(config)# route outside 0.0.0.0 0.0.0.0 200.200.200.2 1The above steps are the absolutely necessary steps you need to configure for making the appliance operational. Of course there are much more configuration details that you need to implement in order to enhance the security and functionality of your appliance, such as Access Control Lists, Static NAT, DHCP, DMZ zones, authentication etc.
In this step, you will examine the default switch settings, such as current switch configuration, IOS information, interface properties, VLAN information, and flash memory.You can access all the switch IOS commands in privileged EXEC mode. Access to privileged EXEC mode should be restricted by password protection to prevent unauthorized use because it provides direct access to global configuration mode and commands used to configure operating parameters. You will set passwords later in this lab.The privileged EXEC mode command set includes those commands contained in user EXEC mode, as well as the configure command through which access to the remaining command modes is gained. Use the enable command to enter privileged EXEC mode.a. Assuming the switch had no configuration file stored in nonvolatile random-access memory (NVRAM), A console connection using Tera Term or other terminal emulation program will place you at the user EXEC mode prompt on the switch with a prompt of Switch>. Use the enable command to enter privileged EXEC mode.Notice that the prompt changed in the configuration to reflect privileged EXEC mode.Verify that there is a clean default configuration file on the switch by issuing the show running-config privileged EXEC mode command. If a configuration file was previously saved, it must be removed.Depending on the switch model and IOS version, your configuration may look slightly different. However, there should be no configured passwords or IP address. If your switch does not have a default configuration, erase and reload the switch.Note: Appendix A details the steps to initialize and reload a switch.b. Examine the current running configuration file.Switch# show running-configHow many FastEthernet interfaces does a 2960 switch have?24
Switch# show flash:Switch# dir flash:Files have a file extension, such as .bin, at the end of the filename. Directories do not have a file extension.What is the filename of the Cisco IOS image?c2960-lanbase-mz.122-25.FX.bin (may vary)Part 2: Configure Basic Network Device SettingsIn Part 2, you will configure basic settings for the switch and PC.Step 1: Configure basic switch settings.a. Copy the following basic configuration and paste it into S1 while in global configuration mode.
f. Console port access should also be restricted with a password. Use cisco as the console login password in this activity. The default configuration is to allow all console connections with no password needed. To prevent console messages from interrupting commands, use the logging synchronous option.S1(config)#line console 0S1(config-line)#password ciscoS1(config-line)#loginS1(config-line)#loggin synchronousS1(config-line)#exitS1(config)#g. Configure the virtual terminal (vty) lines for the switch to allow telnet access. If you do not configure a vty password, you will not be able to telnet to the switch.S1(config)#line vty 0 15S1(config-line)#password ciscoS1(config-line)#loginS1(config-line)#endWhy is the login command required?Without the login command, the switch will not prompt for a passwordStep 2: Configure an IP address on PC-A.Assign the IP address and subnet mask to the PC as shown in the Addressing Table. An abbreviated version of the procedure is described here. A default gateway is not required for this topology; however, you can enter 192.168.1.1 and fe80::1 to simulate a router attached to S1.1) Navigate to the Control Panel.2) In the Category view, select View network status and tasks.3) Click Change adapter settings on the left panel.4) Right-click an Ethernet interface, and choose Properties.5) Choose Internet Protocol Version 4 (TCP/IPv4) and click Properties.6) Click the Use the following IP address radio button and enter the IP address and subnet mask andclick OK.7) Select Internet Protocol Version 6 (TCP/IPv6) and click Properties.8) Click the Use the following IPv6 address radio button and enter the IPv6 address and prefix andclick OK to continue9) Click OK to exit the Properties window.
Because PC-A needs to resolve the MAC address of S1 through ARP, the first packet may time out. If ping results continue to be unsuccessful, troubleshoot the basic device configurations. Check both the physical cabling and logical addressing.Step 3: Test and verify remote management of S1.You will now use Telnet to remotely access the switch. In this lab, PC-A and S1 reside side by side. In a production network, the switch could be in a wiring closet on the top floor while your management PC is located on the ground floor. In this step, you will use Telnet to remotely access switch S1 using its SVI management address. Telnet is not a secure protocol; however, you will use it to test remote access. With Telnet, all information, including passwords and commands, are sent across the session in plain text. In subsequent labs, you will use SSH to remotely access network devices.a. Open Tera Term or other terminal emulation program with Telnet capability.b. Select the Telnet server and provide the SVI management address to connect to S1. The password is cisco.c. After entering the password cisco, you will be at the user EXEC mode prompt. Access privileged EXEC mode using the enable command and providing the secret password class.d. Save the configuration.e. Type exit to end the Telnet session.C:\>telnet 192.168.1.2Trying 192.168.1.2 ...OpenUser Access VerificationPassword: S1>enablePassword: Password: S1#S1#copy running-config startup-config Destination filename [startup-config]? Building configuration...[OK]S1#exit[Connection to 192.168.1.2 closed by foreign host]C:\>Part 4: Manage the MAC Address TableIn Part 4, you will determine the MAC addresses that the switch has learned, set up a static MAC address on one interface of the switch, and then remove the static MAC address from that interface.Step 1: Record the MAC address of the host.Open a command prompt on PC-A and issue the ipconfig /all command to determine and record the Layer 2 (physical) addresses of the NIC.C:\>ipconfig /allFastEthernet0 Connection:(default port) Connection-specific DNS Suffix..: Physical Address................: 0009.7C28.ED5E Link-local IPv6 Address.........: FE80::3 IP Address......................: 192.168.1.10 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 0.0.0.0 DNS Servers.....................: 0.0.0.0 DHCP Servers....................: 0.0.0.0 DHCPv6 Client DUID..............: 00-01-00-01-69-B1-D6-1E-00-09-7C-28-ED-5E0009.7C28.ED5E (answers will vary)
a. Console into the switch and enter privileged EXEC mode.Switch> enableSwitch#b. Use the show flash command to determine if any VLANs have been created on the switch.Switch# show flashDirectory of flash:/2 -rwx 1919 Mar 1 1993 00:06:33 +00:00 private-config.text3 -rwx 1632 Mar 1 1993 00:06:33 +00:00 config.text4 -rwx 13336 Mar 1 1993 00:06:33 +00:00 multiple-fs5 -rwx 11607161 Mar 1 1993 02:37:06 +00:00 c2960-lanbasek9-mz.150-2.SE.bin6 -rwx 616 Mar 1 1993 00:07:13 +00:00 vlan.dat32514048 bytes total (20886528 bytes free)c. If the vlan.dat file was found in flash, then delete this file.Switch# delete vlan.datDelete filename [vlan.dat]?d. You are prompted to verify the filename. If you have entered the name correctly, press Enter; otherwise, you can change the filename.You are prompted to confirm deletion of this file. Press Enter to confirm.Delete flash:/vlan.dat? [confirm]Switch#e. Use the erase startup-config command to erase the startup configuration file from NVRAM. You are prompted to remove the configuration file. Press Enter to confirm. 2ff7e9595c
Comments