SlideShare a Scribd company logo
Switch Configuration



© 2004, Cisco Systems, Inc. All rights reserved.   1
Objectives




       © 2004, Cisco Systems, Inc. All rights reserved.   2
Starting the Switch


Switches:
• have several ports that hosts can connect to;
• have specialized ports for the purpose of
  management;
• can be managed and the configuration can be
  viewed and changed through the console port ;
• typically have no power switch to turn them on
  and off - simply connect or disconnect from a
  power source;

        © 2004, Cisco Systems, Inc. All rights reserved.   3
Catalyst 2950 series Switches Features

• Fixed configuration
  symmetrical switches with
  all ports being FastEthernet
  or 10/100;
• Asymmetrical switches
  with two fixed fiber or
  copper Gigabit Ethernet
  ports;
• Asymmetrical switches
  with modular Gigabit
  Interface Converter (GBIC)
  slots



             © 2004, Cisco Systems, Inc. All rights reserved.   4
LEDs


 Light-emitting diodes (LEDs)
 • help monitor system activity and performance;
 • on the front of a switch:
       - System LED
       - Remote Power Supply (RPS) LED
       - Port Mode LEDs
       - Port Status LEDs



        © 2004, Cisco Systems, Inc. All rights reserved.   5
LEDs
System LED
• shows whether the system is receiving power and functioning
  correctly;

RPS LED
• indicates whether or not the remote power supply is in use;

Mode LEDs
• indicate the current state of the Mode button;
• are used to determine how the Port Status LEDs are interpreted;
• to select or change the port mode, press the Mode button repeatedly
  until the Mode LEDs indicate the desired mode.

Port Status LEDs
•   have different meanings, depending on the current value of the
    Mode LED. © 2004, Cisco Systems, Inc. All rights reserved.       6
Mode LED




     © 2004, Cisco Systems, Inc. All rights reserved.   7
Verifying Port LEDs During Switch POST

  Power-On Self Test (POST)
  • runs automatically to verify that the switch
  functions correctly;
  • POST failure is considered to be a fatal error;
  • should not expect a reliable operation of the
  switch if POST fails.




        © 2004, Cisco Systems, Inc. All rights reserved.   8
Verifying Port LEDs During Switch POST

 Port Status LEDs during POST:
 turn amber - for about 30 seconds
 • the switch discovers the network topology and
   searches for loops;
 turn green
 • the switch has established a link between the
   port and a target, such as a computer;
 turn off
 • the switch has determined that nothing is
   plugged into the port.
            © 2004, Cisco Systems, Inc. All rights reserved.   9
Connecting Switch to PC




 © 2004, Cisco Systems, Inc. All rights reserved.   10
Console Connection




      © 2004, Cisco Systems, Inc. All rights reserved.   11
Console Connection




      © 2004, Cisco Systems, Inc. All rights reserved.   12
Console Connection




      Shows information about the switch:
      • details about POST status;
      • data about the switch hardware.
      © 2004, Cisco Systems, Inc. All rights reserved.   13
Switch CLI




© 2004, Cisco Systems, Inc. All rights reserved.   14
Command-Line Interface (CLI)




Command-line interface (CLI) for Cisco
 switches:
• is very similar to the CLI for Cisco routers.




        © 2004, Cisco Systems, Inc. All rights reserved.   15
“Help” command




      © 2004, Cisco Systems, Inc. All rights reserved.   16
Command Modes




                              • User EXEC
                              • Privileged EXEC




     © 2004, Cisco Systems, Inc. All rights reserved.   17
User EXEC mode

  User EXEC mode
  • default mode;
  • is recognized by its prompt, which
    ends in a greater-than character (>);
  • available commands are limited:
      - to change terminal settings;
      - to perform basic tests;
      - to display system information.

      © 2004, Cisco Systems, Inc. All rights reserved.   18
Privileged EXEC mode

Privileged EXEC mode
• to enter enable command is used from User EXEC
  mode;
• is recognized by its prompt, which ends in a pound-
  sign character (#);
• the command set includes the configure command:
     - allows other command modes to be accessed;
• should be password protected to prevent
  unauthorized use;
• the password does not appear on the screen, and is
  case sensitive.

         © 2004, Cisco Systems, Inc. All rights reserved.   19
Default Running Configuration




   © 2004, Cisco Systems, Inc. All rights reserved.   20
Default Running Configuration

 Default Running Configuration
 • when powered up for the first time, a switch
   has default data in the running configuration
   file;
 • default hostname - Switch;
 • no passwords are set on the console or
   virtual terminal (vty) lines;
 • the switch has no IP address (IP address for
  management purposes is configured on the virtual
  interface VLAN 1)

        © 2004, Cisco Systems, Inc. All rights reserved.   21
Verifying the Catalyst Switch Default
Configuration



               • show running-config
               • show interface
               • show vlan
               • show flash
               • show version


       © 2004, Cisco Systems, Inc. All rights reserved.   22
Default Running Configuration




       © 2004, Cisco Systems, Inc. All rights reserved.   23
Default Port Settings


  Default Running Configuration
  • the switch ports or interfaces are set to
    auto mode;
  • all switch ports are in VLAN 1;
  • VLAN 1 is known as the default
    management VLAN.


        © 2004, Cisco Systems, Inc. All rights reserved.   24
Default Port Settings




       © 2004, Cisco Systems, Inc. All rights reserved.   25
Default Port Settings




       © 2004, Cisco Systems, Inc. All rights reserved.   26
Default Flash Directory Content

                                                          IOS image




                                                          file env_vars


                                                          sub-directory
                                                          html




       © 2004, Cisco Systems, Inc. All rights reserved.                   27
Default Flash Directory Content

Default Running Configuration
• by default flash directory contains:
     - IOS image;
     - file env_vars;
     - sub-directory html.
• flash directory does not contain:
     - config.text – switch configuration file;
     - vlan.dat - VLAN database file.
         © 2004, Cisco Systems, Inc. All rights reserved.   28
IOS Version and Config. Register
             show version command – used to verify:
             • IOS version;
             • configuration register settings.




        © 2004, Cisco Systems, Inc. All rights reserved.   29
Reset Switch Configuration



    © 2004, Cisco Systems, Inc. All rights reserved.   30
Reset Switch Configuration


Steps to overwrite any existing configuration:


Erase the back up configuration file:
    - delete file startup-config
• Restart the switch:
    - use reload command.

         © 2004, Cisco Systems, Inc. All rights reserved.   31
Reset Switch Configuration




       © 2004, Cisco Systems, Inc. All rights reserved.   32
Configuring the Switch




© 2004, Cisco Systems, Inc. All rights reserved.   33
Hostname and Passwords Configuration




      © 2004, Cisco Systems, Inc. All rights reserved.   34
IP address and Default Gateway Configuration
      IP address Configuration:
      • allows the switch to be accessible by Telnet and other
      TCP/IP applications




          © 2004, Cisco Systems, Inc. All rights reserved.       35
VLAN1


Management VLAN:
• by default, VLAN 1 is the management
  VLAN;
• all internetworking devices should be in
  the management VLAN;
• allows a single management workstation
  to access, configure, and manage all the
  internetworking devices.

        © 2004, Cisco Systems, Inc. All rights reserved.   36
Port Speed and Duplex Settings Configuration




        © 2004, Cisco Systems, Inc. All rights reserved.   37
Port Speed and Duplex Settings Configuration


   Fast Ethernet switch ports:
   •by default set to auto-speed and auto-
   duplex (allows the interfaces to
   negotiate these settings);
   •Network administrators can manually
   configure the interface speed and
   duplex values


        © 2004, Cisco Systems, Inc. All rights reserved.   38
HTTP Service and Port Configuration

• Intelligent network devices can provide a web-based
  interface for configuration and management
  purposes;
• Once a switch is configured with an IP address and
  gateway, it can be accessed by a web-based
  interface;
HTTP services:
• can be access by a web browser using:
     - IP address;
     - port 80 - the default port for http.
• can be turned on or off, and the port address for the
  service can be chosen.
         © 2004, Cisco Systems, Inc. All rights reserved.   39
HTTP Service and Port Configuration




       © 2004, Cisco Systems, Inc. All rights reserved.   40
Configuring the Catalyst Switch




                                                             Web Management Interface




  Web Management Interface




          © 2004, Cisco Systems, Inc. All rights reserved.                              41
Managing the MAC Address Table




     © 2004, Cisco Systems, Inc. All rights reserved.   42
MAC Address Table


Switches
• examine the source address of frames that
  are received on the ports;
• learn the MAC addresses of PCs or
  workstations that are connected to their
  switch ports;
• record learned MAC addresses in a MAC
  address table.
       © 2004, Cisco Systems, Inc. All rights reserved.   43
Check Learned MAC Addresses




   show mac-address-table command - Privileged EXEC mode
   • examines the addresses that a switch has learned
         © 2004, Cisco Systems, Inc. All rights reserved.   44
MAC Address Table

Switches:
• dynamically learn and maintain thousands
  of MAC addresses;
• learned entries may be discarded from the
  MAC address table (to preserve memory and
  for optimal operation) ;
• the MAC address entry is automatically
  discarded or aged out after 300 seconds (if
 no frames are seen with a previously learned
 address).
       © 2004, Cisco Systems, Inc. All rights reserved.   45
Check Learned MAC Addresses




  Clear mac-address-table command - Privileged EXEC mode
  • used to remove dynamically learned MAC addresses;
  • used to remove static MAC address entries.
         © 2004, Cisco Systems, Inc. All rights reserved.   46
Managing the MAC Address Table




      © 2004, Cisco Systems, Inc. All rights reserved.   47
Static MAC Addresses


Static MAC address:
• permanently assigned to an interface;
Reasons for use a Static MAC address:
• will not be aged out automatically by the switch;
• a specific server or user workstation must be
  attached to the port and the MAC address is
  known;
• Security is enhanced.
         © 2004, Cisco Systems, Inc. All rights reserved.   48
Configuring Static MAC Addresses




       © 2004, Cisco Systems, Inc. All rights reserved.   49
Configuring Static MAC Addresses




       © 2004, Cisco Systems, Inc. All rights reserved.   50
Static MAC Addresses




  To configure:

  Switch(config)#mac-address-table static <mac-
  address of host > interface FastEthernet <Ethernet
  number > vlan <vlan name >
  To remove:

  Switch(config)# no mac-address-table static <mac-
  address of host > interface FastEthernet <Ethernet
  number > vlan <vlan name >
          © 2004, Cisco Systems, Inc. All rights reserved.   51
Port Security




© 2004, Cisco Systems, Inc. All rights reserved.   52
Port Security

  Port Security
  • It is possible to limit the number of
    addresses that can be learned on an
    interface;
  • the number of MAC addresses per port
    can be limited to 1;
  • the first address dynamically learned by
    the switch becomes the secure address.

        © 2004, Cisco Systems, Inc. All rights reserved.   53
Port Security Configuration




       © 2004, Cisco Systems, Inc. All rights reserved.   54
Configuring Port Security

Catalyst 2950 Series

 wg_sw_2950(config-if)#switchport port-security [mac-address
 mac-address] | [maximum value] | [violation {protect |
 restrict | shutdown}]




wg_sw_2950(config)#interface fa0/1
wg_sw_2950(config-if)#switchport mode access
wg_sw_2950(config-if)#switchport port-security
wg_sw_2950(config-if)#switchport port-security maximum 1
wg_sw_2950(config-if)#switchport port-security mac-address 0008.eeee.eeee
wg_sw_2950(config-if)#switchport port-security violation shutdown




            © 2004, Cisco Systems, Inc. All rights reserved.                55
Verifying Port Security
on the Catalyst 2950 Series

 wg_sw_2950#show port-security [interface interface-id] [address] [ |
 {begin | exclude | include} expression]




   wg_sw_2950#show port-security interface fastethernet 0/5
   Port Security              : Enabled
   Port Status                : Secure-up
   Violation Mode             : Shutdown
   Aging Time                 : 20 mins
   Aging Type                 : Absolute
   SecureStatic Address Aging : Disabled
   Maximum MAC Addresses      : 1
   Total MAC Addresses        : 1
   Configured MAC Addresses   : 0
   Sticky MAC Addresses       : 0
   Last Source Address        : 0000.0000.0000
   Security Violation Count   : 0




            © 2004, Cisco Systems, Inc. All rights reserved.            56
Verifying Port Security
on the Catalyst 2950 Series (Cont.)


wg_sw_2950#sh port-security
Secure Port MaxSecureAddr CurrentAddr SecurityViolation
Security Action
                (Count)       (Count)          (Count)
----------------------------------------------------------------
----------
      Fa0/2        1             1                0
Shutdown
----------------------------------------------------------------
-----------
Total Addresses in System (excluding one mac per port)     : 0
Max Addresses limit in System (excluding one mac per port) :
1024




          © 2004, Cisco Systems, Inc. All rights reserved.         57
Port Security


    To configure port security :
    Switch(config-if)#switchport port-security


    To reverse port security:
    Switch(config-if)# no switchport port-
    security
    To verify port security status:
    Switch(config)#show port security


        © 2004, Cisco Systems, Inc. All rights reserved.   58
Adding and Moving Switches
      to the Network



   © 2004, Cisco Systems, Inc. All rights reserved.   59
Adding New Switch

     Adding New Switch
     Must be configured:
     • Switch name;
     • IP address for the switch in the
       management VLAN;
     • a default gateway;
     • Line passwords.

      © 2004, Cisco Systems, Inc. All rights reserved.   60
Adding New Switch




      © 2004, Cisco Systems, Inc. All rights reserved.   61
Moving a Switch


Host is moved:
• from one port or switch to another;
• configurations that can cause unexpected
  behavior should be removed;
• configuration that is required can then be
  added.


       © 2004, Cisco Systems, Inc. All rights reserved.   62
Managing Switch Operation




  © 2004, Cisco Systems, Inc. All rights reserved.   63
Managing Switch Operation


• An administrator should document and
  maintain the operational configuration
  files for networking devices;
• The most recent running-configuration file
  should be backed up on a server or disk;
• The Cisco IOS Software should also be
  backed up to a local server. The Cisco IOS
  Software can then be reloaded to Flash
  memory if needed.

       © 2004, Cisco Systems, Inc. All rights reserved.   64
Password Recovery




© 2004, Cisco Systems, Inc. All rights reserved.   65
Enable Security




       © 2004, Cisco Systems, Inc. All rights reserved.   66
Passwords



 Passwords
 • must be set on the console and vty lines-
   for security and management purposes;
 • must be set enable password;
 • must be set enable secret password.



       © 2004, Cisco Systems, Inc. All rights reserved.   67
Password Recovery (2950)


1. Make sure that a PC is connected to the
   console port and a HyperTerminal
   window is open.
2. Turn the switch off. Turn it back on while
   holding down the “MODE” button on the
   front of the switch at the same time that
   the switch is powered on. Release the
   “MODE” button after the STAT LED goes
   out.

       © 2004, Cisco Systems, Inc. All rights reserved.   68
Password Recovery (2950)

3. Type flash_init
4. Type load_helper
5. Type dir flash:
6. rename flash:config.text flash:config.old
7. Type boot
8. N at the following prompt to start the
   Setup program.

       © 2004, Cisco Systems, Inc. All rights reserved.   69
Password Recovery (2950)




 9. Type rename flash:config.old
    flash:config.text
 10. copy flash:config.text system:running-
     config




       © 2004, Cisco Systems, Inc. All rights reserved.   70
Password Recovery (2950)




                                                   11.




      © 2004, Cisco Systems, Inc. All rights reserved.   71
Summary




     © 2004, Cisco Systems, Inc. All rights reserved.   72
Exercises
Lab Activity
6.2.1. Lab Activity – Verifying Default Switch Configuration
6.2.2. Lab Activity – Basic Switch Configuration
6.2.3. Lab Activity – Managing the MAC Address Table
6.2.4. Lab Activity – Configuring Static MAC Addresses
6.2.5. Lab Activity – Configuring Port Security
6.2.6. Lab Activity – Add, Move, Change MAC Addresses
6.2.7. Lab Activity – Managing Switch Operating System Files
6.2.7. Lab Activity – Managing Switch Startup Configuration Files
6.2.8. Lab Activity – Password Recovery Procedure on a Catalyst 2900
   Series Switch
6.2.9. Lab Activity – Firmware Upgrade on a Catalyst 2900 Series Switch
              © 2004, Cisco Systems, Inc. All rights reserved.         73

More Related Content

What's hot

ccna networking ppt
ccna networking pptccna networking ppt
ccna networking ppt
Er. Anmol Bhagat
 
Switches on Networking
Switches on NetworkingSwitches on Networking
Switches on Networking
Gayan Geethanjana
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt.  by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt.  by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
Tarun Khaneja
 
Ccna PPT
Ccna PPTCcna PPT
Ccna PPT
AIRTEL
 
CCNA 1 Routing and Switching v5.0 Chapter 2
CCNA 1 Routing and Switching v5.0 Chapter 2CCNA 1 Routing and Switching v5.0 Chapter 2
CCNA 1 Routing and Switching v5.0 Chapter 2
Nil Menon
 
Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)
DH Da Lat
 
Ccna command
Ccna commandCcna command
Ccna command
Siddhartha Rajbhatt
 
Router and types
Router and types Router and types
Router and types
Qazafie Mehrzad
 
CCNA ppt Day 1
CCNA ppt Day 1CCNA ppt Day 1
CCNA ppt Day 1
VISHNU N
 
Cisco Router Basic Configuration
Cisco Router Basic ConfigurationCisco Router Basic Configuration
Cisco Router Basic Configuration
Prof. Erwin Globio
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocol
Muuluu
 
1000 Ccna Questions And Answers
1000 Ccna Questions And Answers1000 Ccna Questions And Answers
1000 Ccna Questions And Answers
CCNAResources
 
Network switch
Network switchNetwork switch
Network switch
Ravinder Kaur
 
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONCCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
Aswini Badatya
 
CCNA IP Addressing
CCNA IP AddressingCCNA IP Addressing
CCNA IP Addressing
Dsunte Wilson
 
Ccna PPT2
Ccna PPT2Ccna PPT2
Ccna PPT2
AIRTEL
 
CCNA v6.0 ITN - Chapter 02
CCNA v6.0 ITN - Chapter 02CCNA v6.0 ITN - Chapter 02
CCNA v6.0 ITN - Chapter 02
Irsandi Hasan
 
CCNA - Routing & Switching Commands
CCNA - Routing & Switching CommandsCCNA - Routing & Switching Commands
CCNA - Routing & Switching Commands
Eng. Emad Al-Atoum
 
CCNA Introducing Networks
CCNA Introducing NetworksCCNA Introducing Networks
CCNA Introducing Networks
Dsunte Wilson
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPT
Nishant Goel
 

What's hot (20)

ccna networking ppt
ccna networking pptccna networking ppt
ccna networking ppt
 
Switches on Networking
Switches on NetworkingSwitches on Networking
Switches on Networking
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt.  by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt.  by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
 
Ccna PPT
Ccna PPTCcna PPT
Ccna PPT
 
CCNA 1 Routing and Switching v5.0 Chapter 2
CCNA 1 Routing and Switching v5.0 Chapter 2CCNA 1 Routing and Switching v5.0 Chapter 2
CCNA 1 Routing and Switching v5.0 Chapter 2
 
Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)Cisco commands List for Beginners (CCNA, CCNP)
Cisco commands List for Beginners (CCNA, CCNP)
 
Ccna command
Ccna commandCcna command
Ccna command
 
Router and types
Router and types Router and types
Router and types
 
CCNA ppt Day 1
CCNA ppt Day 1CCNA ppt Day 1
CCNA ppt Day 1
 
Cisco Router Basic Configuration
Cisco Router Basic ConfigurationCisco Router Basic Configuration
Cisco Router Basic Configuration
 
Spanning tree protocol
Spanning tree protocolSpanning tree protocol
Spanning tree protocol
 
1000 Ccna Questions And Answers
1000 Ccna Questions And Answers1000 Ccna Questions And Answers
1000 Ccna Questions And Answers
 
Network switch
Network switchNetwork switch
Network switch
 
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATIONCCNA BASIC SWITCHING AND SWITCH CONFIGURATION
CCNA BASIC SWITCHING AND SWITCH CONFIGURATION
 
CCNA IP Addressing
CCNA IP AddressingCCNA IP Addressing
CCNA IP Addressing
 
Ccna PPT2
Ccna PPT2Ccna PPT2
Ccna PPT2
 
CCNA v6.0 ITN - Chapter 02
CCNA v6.0 ITN - Chapter 02CCNA v6.0 ITN - Chapter 02
CCNA v6.0 ITN - Chapter 02
 
CCNA - Routing & Switching Commands
CCNA - Routing & Switching CommandsCCNA - Routing & Switching Commands
CCNA - Routing & Switching Commands
 
CCNA Introducing Networks
CCNA Introducing NetworksCCNA Introducing Networks
CCNA Introducing Networks
 
CCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPTCCNA SUMMER TRAINNING PPT
CCNA SUMMER TRAINNING PPT
 

Viewers also liked

1.1 windows server 2003
1.1 windows server 20031.1 windows server 2003
1.1 windows server 2003
Muuluu
 
Switch function
Switch functionSwitch function
Switch function
Muuluu
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
Muuluu
 
2.2 determining trust relationships
2.2 determining trust relationships2.2 determining trust relationships
2.2 determining trust relationships
Muuluu
 
User account policy
User account policyUser account policy
User account policy
Muuluu
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
Muuluu
 
2.1 user practical
2.1 user practical2.1 user practical
2.1 user practical
Muuluu
 
2.1 users & groups
2.1 users & groups2.1 users & groups
2.1 users & groups
Muuluu
 
1.2 ad installation
1.2 ad installation1.2 ad installation
1.2 ad installation
Muuluu
 
Лекц 13
Лекц 13Лекц 13
Лекц 13Muuluu
 
Лекц 11
Лекц 11Лекц 11
Лекц 11Muuluu
 
Лекц 9
Лекц 9Лекц 9
Лекц 9
Muuluu
 
Лекц 10
Лекц 10Лекц 10
Лекц 10Muuluu
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
Muuluu
 
Dns server
Dns serverDns server
Dns server
Muuluu
 
1.2 active directory
1.2 active directory1.2 active directory
1.2 active directory
Muuluu
 
Лекц 11
Лекц 11Лекц 11
Лекц 11Muuluu
 
Лекц 12
Лекц 12Лекц 12
Лекц 12Muuluu
 

Viewers also liked (18)

1.1 windows server 2003
1.1 windows server 20031.1 windows server 2003
1.1 windows server 2003
 
Switch function
Switch functionSwitch function
Switch function
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
2.2 determining trust relationships
2.2 determining trust relationships2.2 determining trust relationships
2.2 determining trust relationships
 
User account policy
User account policyUser account policy
User account policy
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
 
2.1 user practical
2.1 user practical2.1 user practical
2.1 user practical
 
2.1 users & groups
2.1 users & groups2.1 users & groups
2.1 users & groups
 
1.2 ad installation
1.2 ad installation1.2 ad installation
1.2 ad installation
 
Лекц 13
Лекц 13Лекц 13
Лекц 13
 
Лекц 11
Лекц 11Лекц 11
Лекц 11
 
Лекц 9
Лекц 9Лекц 9
Лекц 9
 
Лекц 10
Лекц 10Лекц 10
Лекц 10
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
 
Dns server
Dns serverDns server
Dns server
 
1.2 active directory
1.2 active directory1.2 active directory
1.2 active directory
 
Лекц 11
Лекц 11Лекц 11
Лекц 11
 
Лекц 12
Лекц 12Лекц 12
Лекц 12
 

Similar to Switch configuration

Switch configuration
Switch configurationSwitch configuration
Switch configuration
Muuluu
 
Лекц 8
Лекц 8Лекц 8
Лекц 8
Muuluu
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2
Waqas Ahmed Nawaz
 
Itn6 instructor materials_chapter2
Itn6 instructor materials_chapter2Itn6 instructor materials_chapter2
Itn6 instructor materials_chapter2
limenih muluneh
 
PC LEESOON 6.pptx
PC LEESOON 6.pptxPC LEESOON 6.pptx
PC LEESOON 6.pptx
MLG College of Learning, Inc
 
Day 13.1 startingaswitch
Day 13.1 startingaswitchDay 13.1 startingaswitch
Day 13.1 startingaswitch
CYBERINTELLIGENTS
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6
Waqas Ahmed Nawaz
 
Redes
RedesRedes
Redes
fareyc
 
1627478708347_Chapter 1.pptx
1627478708347_Chapter 1.pptx1627478708347_Chapter 1.pptx
1627478708347_Chapter 1.pptx
TesfaMinuyelet
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
Waqas Ahmed Nawaz
 
Basic switch management
Basic switch managementBasic switch management
Basic switch management
Pawandeep Singh
 
CCNA_ITN_Chp2_.pptx
CCNA_ITN_Chp2_.pptxCCNA_ITN_Chp2_.pptx
CCNA_ITN_Chp2_.pptx
NguyenLe340487
 
CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1
Chaing Ravuth
 
Ex 1 chapter11-configure-network-tony_chen
Ex 1 chapter11-configure-network-tony_chenEx 1 chapter11-configure-network-tony_chen
Ex 1 chapter11-configure-network-tony_chen
Đô GiẢn
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
Waqas Ahmed Nawaz
 
Cis81 ccna1v5-2-configuring networkoperatingsystem
Cis81 ccna1v5-2-configuring networkoperatingsystemCis81 ccna1v5-2-configuring networkoperatingsystem
Cis81 ccna1v5-2-configuring networkoperatingsystem
Betselove
 
CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5
Chaing Ravuth
 
CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2
Chaing Ravuth
 
Chapter 2 Configure a Network Operating System
Chapter 2 Configure a Network Operating SystemChapter 2 Configure a Network Operating System
Chapter 2 Configure a Network Operating System
newbie2019
 
CCNA (R & S) Module 02 - Connecting Networks - Chapter 2
CCNA (R & S) Module 02 - Connecting Networks - Chapter 2CCNA (R & S) Module 02 - Connecting Networks - Chapter 2
CCNA (R & S) Module 02 - Connecting Networks - Chapter 2
Waqas Ahmed Nawaz
 

Similar to Switch configuration (20)

Switch configuration
Switch configurationSwitch configuration
Switch configuration
 
Лекц 8
Лекц 8Лекц 8
Лекц 8
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 2
 
Itn6 instructor materials_chapter2
Itn6 instructor materials_chapter2Itn6 instructor materials_chapter2
Itn6 instructor materials_chapter2
 
PC LEESOON 6.pptx
PC LEESOON 6.pptxPC LEESOON 6.pptx
PC LEESOON 6.pptx
 
Day 13.1 startingaswitch
Day 13.1 startingaswitchDay 13.1 startingaswitch
Day 13.1 startingaswitch
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 6
 
Redes
RedesRedes
Redes
 
1627478708347_Chapter 1.pptx
1627478708347_Chapter 1.pptx1627478708347_Chapter 1.pptx
1627478708347_Chapter 1.pptx
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 5
 
Basic switch management
Basic switch managementBasic switch management
Basic switch management
 
CCNA_ITN_Chp2_.pptx
CCNA_ITN_Chp2_.pptxCCNA_ITN_Chp2_.pptx
CCNA_ITN_Chp2_.pptx
 
CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1CCNA2 Verson6 Chapter1
CCNA2 Verson6 Chapter1
 
Ex 1 chapter11-configure-network-tony_chen
Ex 1 chapter11-configure-network-tony_chenEx 1 chapter11-configure-network-tony_chen
Ex 1 chapter11-configure-network-tony_chen
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
 
Cis81 ccna1v5-2-configuring networkoperatingsystem
Cis81 ccna1v5-2-configuring networkoperatingsystemCis81 ccna1v5-2-configuring networkoperatingsystem
Cis81 ccna1v5-2-configuring networkoperatingsystem
 
CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5
 
CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2CCNA4 Verson6 Chapter2
CCNA4 Verson6 Chapter2
 
Chapter 2 Configure a Network Operating System
Chapter 2 Configure a Network Operating SystemChapter 2 Configure a Network Operating System
Chapter 2 Configure a Network Operating System
 
CCNA (R & S) Module 02 - Connecting Networks - Chapter 2
CCNA (R & S) Module 02 - Connecting Networks - Chapter 2CCNA (R & S) Module 02 - Connecting Networks - Chapter 2
CCNA (R & S) Module 02 - Connecting Networks - Chapter 2
 

More from Muuluu

Өгөгдлийн бүтэц
Өгөгдлийн бүтэцӨгөгдлийн бүтэц
Өгөгдлийн бүтэц
Muuluu
 
Basic software
Basic software Basic software
Basic software
Muuluu
 
Wide area networks
Wide area networksWide area networks
Wide area networks
Muuluu
 
NAT and PAT
NAT and PATNAT and PAT
NAT and PAT
Muuluu
 
Firewall
FirewallFirewall
Firewall
Muuluu
 
User practical
User practicalUser practical
User practical
Muuluu
 
Active directory
Active directoryActive directory
Active directory
Muuluu
 
Hardware
HardwareHardware
Hardware
Muuluu
 
windows server 2003
 windows server 2003 windows server 2003
windows server 2003
Muuluu
 
Процессорын архитектур
Процессорын архитектурПроцессорын архитектур
Процессорын архитектур
Muuluu
 
6 network devices
6 network devices6 network devices
6 network devices
Muuluu
 
Бие даалт
Бие даалтБие даалт
Бие даалт
Muuluu
 
Лекц 15
Лекц 15Лекц 15
Лекц 15
Muuluu
 
Лекц 14
Лекц 14Лекц 14
Лекц 14Muuluu
 
Лекц 16
Лекц 16Лекц 16
Лекц 16Muuluu
 
Лекц 15
Лекц 15Лекц 15
Лекц 15Muuluu
 
Лекц 14
Лекц 14Лекц 14
Лекц 14Muuluu
 
Лекц 13
Лекц 13Лекц 13
Лекц 13Muuluu
 
Лекц 12
Лекц 12Лекц 12
Лекц 12Muuluu
 

More from Muuluu (19)

Өгөгдлийн бүтэц
Өгөгдлийн бүтэцӨгөгдлийн бүтэц
Өгөгдлийн бүтэц
 
Basic software
Basic software Basic software
Basic software
 
Wide area networks
Wide area networksWide area networks
Wide area networks
 
NAT and PAT
NAT and PATNAT and PAT
NAT and PAT
 
Firewall
FirewallFirewall
Firewall
 
User practical
User practicalUser practical
User practical
 
Active directory
Active directoryActive directory
Active directory
 
Hardware
HardwareHardware
Hardware
 
windows server 2003
 windows server 2003 windows server 2003
windows server 2003
 
Процессорын архитектур
Процессорын архитектурПроцессорын архитектур
Процессорын архитектур
 
6 network devices
6 network devices6 network devices
6 network devices
 
Бие даалт
Бие даалтБие даалт
Бие даалт
 
Лекц 15
Лекц 15Лекц 15
Лекц 15
 
Лекц 14
Лекц 14Лекц 14
Лекц 14
 
Лекц 16
Лекц 16Лекц 16
Лекц 16
 
Лекц 15
Лекц 15Лекц 15
Лекц 15
 
Лекц 14
Лекц 14Лекц 14
Лекц 14
 
Лекц 13
Лекц 13Лекц 13
Лекц 13
 
Лекц 12
Лекц 12Лекц 12
Лекц 12
 

Switch configuration

  • 1. Switch Configuration © 2004, Cisco Systems, Inc. All rights reserved. 1
  • 2. Objectives © 2004, Cisco Systems, Inc. All rights reserved. 2
  • 3. Starting the Switch Switches: • have several ports that hosts can connect to; • have specialized ports for the purpose of management; • can be managed and the configuration can be viewed and changed through the console port ; • typically have no power switch to turn them on and off - simply connect or disconnect from a power source; © 2004, Cisco Systems, Inc. All rights reserved. 3
  • 4. Catalyst 2950 series Switches Features • Fixed configuration symmetrical switches with all ports being FastEthernet or 10/100; • Asymmetrical switches with two fixed fiber or copper Gigabit Ethernet ports; • Asymmetrical switches with modular Gigabit Interface Converter (GBIC) slots © 2004, Cisco Systems, Inc. All rights reserved. 4
  • 5. LEDs Light-emitting diodes (LEDs) • help monitor system activity and performance; • on the front of a switch: - System LED - Remote Power Supply (RPS) LED - Port Mode LEDs - Port Status LEDs © 2004, Cisco Systems, Inc. All rights reserved. 5
  • 6. LEDs System LED • shows whether the system is receiving power and functioning correctly; RPS LED • indicates whether or not the remote power supply is in use; Mode LEDs • indicate the current state of the Mode button; • are used to determine how the Port Status LEDs are interpreted; • to select or change the port mode, press the Mode button repeatedly until the Mode LEDs indicate the desired mode. Port Status LEDs • have different meanings, depending on the current value of the Mode LED. © 2004, Cisco Systems, Inc. All rights reserved. 6
  • 7. Mode LED © 2004, Cisco Systems, Inc. All rights reserved. 7
  • 8. Verifying Port LEDs During Switch POST Power-On Self Test (POST) • runs automatically to verify that the switch functions correctly; • POST failure is considered to be a fatal error; • should not expect a reliable operation of the switch if POST fails. © 2004, Cisco Systems, Inc. All rights reserved. 8
  • 9. Verifying Port LEDs During Switch POST Port Status LEDs during POST: turn amber - for about 30 seconds • the switch discovers the network topology and searches for loops; turn green • the switch has established a link between the port and a target, such as a computer; turn off • the switch has determined that nothing is plugged into the port. © 2004, Cisco Systems, Inc. All rights reserved. 9
  • 10. Connecting Switch to PC © 2004, Cisco Systems, Inc. All rights reserved. 10
  • 11. Console Connection © 2004, Cisco Systems, Inc. All rights reserved. 11
  • 12. Console Connection © 2004, Cisco Systems, Inc. All rights reserved. 12
  • 13. Console Connection Shows information about the switch: • details about POST status; • data about the switch hardware. © 2004, Cisco Systems, Inc. All rights reserved. 13
  • 14. Switch CLI © 2004, Cisco Systems, Inc. All rights reserved. 14
  • 15. Command-Line Interface (CLI) Command-line interface (CLI) for Cisco switches: • is very similar to the CLI for Cisco routers. © 2004, Cisco Systems, Inc. All rights reserved. 15
  • 16. “Help” command © 2004, Cisco Systems, Inc. All rights reserved. 16
  • 17. Command Modes • User EXEC • Privileged EXEC © 2004, Cisco Systems, Inc. All rights reserved. 17
  • 18. User EXEC mode User EXEC mode • default mode; • is recognized by its prompt, which ends in a greater-than character (>); • available commands are limited: - to change terminal settings; - to perform basic tests; - to display system information. © 2004, Cisco Systems, Inc. All rights reserved. 18
  • 19. Privileged EXEC mode Privileged EXEC mode • to enter enable command is used from User EXEC mode; • is recognized by its prompt, which ends in a pound- sign character (#); • the command set includes the configure command: - allows other command modes to be accessed; • should be password protected to prevent unauthorized use; • the password does not appear on the screen, and is case sensitive. © 2004, Cisco Systems, Inc. All rights reserved. 19
  • 20. Default Running Configuration © 2004, Cisco Systems, Inc. All rights reserved. 20
  • 21. Default Running Configuration Default Running Configuration • when powered up for the first time, a switch has default data in the running configuration file; • default hostname - Switch; • no passwords are set on the console or virtual terminal (vty) lines; • the switch has no IP address (IP address for management purposes is configured on the virtual interface VLAN 1) © 2004, Cisco Systems, Inc. All rights reserved. 21
  • 22. Verifying the Catalyst Switch Default Configuration • show running-config • show interface • show vlan • show flash • show version © 2004, Cisco Systems, Inc. All rights reserved. 22
  • 23. Default Running Configuration © 2004, Cisco Systems, Inc. All rights reserved. 23
  • 24. Default Port Settings Default Running Configuration • the switch ports or interfaces are set to auto mode; • all switch ports are in VLAN 1; • VLAN 1 is known as the default management VLAN. © 2004, Cisco Systems, Inc. All rights reserved. 24
  • 25. Default Port Settings © 2004, Cisco Systems, Inc. All rights reserved. 25
  • 26. Default Port Settings © 2004, Cisco Systems, Inc. All rights reserved. 26
  • 27. Default Flash Directory Content IOS image file env_vars sub-directory html © 2004, Cisco Systems, Inc. All rights reserved. 27
  • 28. Default Flash Directory Content Default Running Configuration • by default flash directory contains: - IOS image; - file env_vars; - sub-directory html. • flash directory does not contain: - config.text – switch configuration file; - vlan.dat - VLAN database file. © 2004, Cisco Systems, Inc. All rights reserved. 28
  • 29. IOS Version and Config. Register show version command – used to verify: • IOS version; • configuration register settings. © 2004, Cisco Systems, Inc. All rights reserved. 29
  • 30. Reset Switch Configuration © 2004, Cisco Systems, Inc. All rights reserved. 30
  • 31. Reset Switch Configuration Steps to overwrite any existing configuration: Erase the back up configuration file: - delete file startup-config • Restart the switch: - use reload command. © 2004, Cisco Systems, Inc. All rights reserved. 31
  • 32. Reset Switch Configuration © 2004, Cisco Systems, Inc. All rights reserved. 32
  • 33. Configuring the Switch © 2004, Cisco Systems, Inc. All rights reserved. 33
  • 34. Hostname and Passwords Configuration © 2004, Cisco Systems, Inc. All rights reserved. 34
  • 35. IP address and Default Gateway Configuration IP address Configuration: • allows the switch to be accessible by Telnet and other TCP/IP applications © 2004, Cisco Systems, Inc. All rights reserved. 35
  • 36. VLAN1 Management VLAN: • by default, VLAN 1 is the management VLAN; • all internetworking devices should be in the management VLAN; • allows a single management workstation to access, configure, and manage all the internetworking devices. © 2004, Cisco Systems, Inc. All rights reserved. 36
  • 37. Port Speed and Duplex Settings Configuration © 2004, Cisco Systems, Inc. All rights reserved. 37
  • 38. Port Speed and Duplex Settings Configuration Fast Ethernet switch ports: •by default set to auto-speed and auto- duplex (allows the interfaces to negotiate these settings); •Network administrators can manually configure the interface speed and duplex values © 2004, Cisco Systems, Inc. All rights reserved. 38
  • 39. HTTP Service and Port Configuration • Intelligent network devices can provide a web-based interface for configuration and management purposes; • Once a switch is configured with an IP address and gateway, it can be accessed by a web-based interface; HTTP services: • can be access by a web browser using: - IP address; - port 80 - the default port for http. • can be turned on or off, and the port address for the service can be chosen. © 2004, Cisco Systems, Inc. All rights reserved. 39
  • 40. HTTP Service and Port Configuration © 2004, Cisco Systems, Inc. All rights reserved. 40
  • 41. Configuring the Catalyst Switch Web Management Interface Web Management Interface © 2004, Cisco Systems, Inc. All rights reserved. 41
  • 42. Managing the MAC Address Table © 2004, Cisco Systems, Inc. All rights reserved. 42
  • 43. MAC Address Table Switches • examine the source address of frames that are received on the ports; • learn the MAC addresses of PCs or workstations that are connected to their switch ports; • record learned MAC addresses in a MAC address table. © 2004, Cisco Systems, Inc. All rights reserved. 43
  • 44. Check Learned MAC Addresses show mac-address-table command - Privileged EXEC mode • examines the addresses that a switch has learned © 2004, Cisco Systems, Inc. All rights reserved. 44
  • 45. MAC Address Table Switches: • dynamically learn and maintain thousands of MAC addresses; • learned entries may be discarded from the MAC address table (to preserve memory and for optimal operation) ; • the MAC address entry is automatically discarded or aged out after 300 seconds (if no frames are seen with a previously learned address). © 2004, Cisco Systems, Inc. All rights reserved. 45
  • 46. Check Learned MAC Addresses Clear mac-address-table command - Privileged EXEC mode • used to remove dynamically learned MAC addresses; • used to remove static MAC address entries. © 2004, Cisco Systems, Inc. All rights reserved. 46
  • 47. Managing the MAC Address Table © 2004, Cisco Systems, Inc. All rights reserved. 47
  • 48. Static MAC Addresses Static MAC address: • permanently assigned to an interface; Reasons for use a Static MAC address: • will not be aged out automatically by the switch; • a specific server or user workstation must be attached to the port and the MAC address is known; • Security is enhanced. © 2004, Cisco Systems, Inc. All rights reserved. 48
  • 49. Configuring Static MAC Addresses © 2004, Cisco Systems, Inc. All rights reserved. 49
  • 50. Configuring Static MAC Addresses © 2004, Cisco Systems, Inc. All rights reserved. 50
  • 51. Static MAC Addresses To configure: Switch(config)#mac-address-table static <mac- address of host > interface FastEthernet <Ethernet number > vlan <vlan name > To remove: Switch(config)# no mac-address-table static <mac- address of host > interface FastEthernet <Ethernet number > vlan <vlan name > © 2004, Cisco Systems, Inc. All rights reserved. 51
  • 52. Port Security © 2004, Cisco Systems, Inc. All rights reserved. 52
  • 53. Port Security Port Security • It is possible to limit the number of addresses that can be learned on an interface; • the number of MAC addresses per port can be limited to 1; • the first address dynamically learned by the switch becomes the secure address. © 2004, Cisco Systems, Inc. All rights reserved. 53
  • 54. Port Security Configuration © 2004, Cisco Systems, Inc. All rights reserved. 54
  • 55. Configuring Port Security Catalyst 2950 Series wg_sw_2950(config-if)#switchport port-security [mac-address mac-address] | [maximum value] | [violation {protect | restrict | shutdown}] wg_sw_2950(config)#interface fa0/1 wg_sw_2950(config-if)#switchport mode access wg_sw_2950(config-if)#switchport port-security wg_sw_2950(config-if)#switchport port-security maximum 1 wg_sw_2950(config-if)#switchport port-security mac-address 0008.eeee.eeee wg_sw_2950(config-if)#switchport port-security violation shutdown © 2004, Cisco Systems, Inc. All rights reserved. 55
  • 56. Verifying Port Security on the Catalyst 2950 Series wg_sw_2950#show port-security [interface interface-id] [address] [ | {begin | exclude | include} expression] wg_sw_2950#show port-security interface fastethernet 0/5 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 20 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 1 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address : 0000.0000.0000 Security Violation Count : 0 © 2004, Cisco Systems, Inc. All rights reserved. 56
  • 57. Verifying Port Security on the Catalyst 2950 Series (Cont.) wg_sw_2950#sh port-security Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action (Count) (Count) (Count) ---------------------------------------------------------------- ---------- Fa0/2 1 1 0 Shutdown ---------------------------------------------------------------- ----------- Total Addresses in System (excluding one mac per port) : 0 Max Addresses limit in System (excluding one mac per port) : 1024 © 2004, Cisco Systems, Inc. All rights reserved. 57
  • 58. Port Security To configure port security : Switch(config-if)#switchport port-security To reverse port security: Switch(config-if)# no switchport port- security To verify port security status: Switch(config)#show port security © 2004, Cisco Systems, Inc. All rights reserved. 58
  • 59. Adding and Moving Switches to the Network © 2004, Cisco Systems, Inc. All rights reserved. 59
  • 60. Adding New Switch Adding New Switch Must be configured: • Switch name; • IP address for the switch in the management VLAN; • a default gateway; • Line passwords. © 2004, Cisco Systems, Inc. All rights reserved. 60
  • 61. Adding New Switch © 2004, Cisco Systems, Inc. All rights reserved. 61
  • 62. Moving a Switch Host is moved: • from one port or switch to another; • configurations that can cause unexpected behavior should be removed; • configuration that is required can then be added. © 2004, Cisco Systems, Inc. All rights reserved. 62
  • 63. Managing Switch Operation © 2004, Cisco Systems, Inc. All rights reserved. 63
  • 64. Managing Switch Operation • An administrator should document and maintain the operational configuration files for networking devices; • The most recent running-configuration file should be backed up on a server or disk; • The Cisco IOS Software should also be backed up to a local server. The Cisco IOS Software can then be reloaded to Flash memory if needed. © 2004, Cisco Systems, Inc. All rights reserved. 64
  • 65. Password Recovery © 2004, Cisco Systems, Inc. All rights reserved. 65
  • 66. Enable Security © 2004, Cisco Systems, Inc. All rights reserved. 66
  • 67. Passwords Passwords • must be set on the console and vty lines- for security and management purposes; • must be set enable password; • must be set enable secret password. © 2004, Cisco Systems, Inc. All rights reserved. 67
  • 68. Password Recovery (2950) 1. Make sure that a PC is connected to the console port and a HyperTerminal window is open. 2. Turn the switch off. Turn it back on while holding down the “MODE” button on the front of the switch at the same time that the switch is powered on. Release the “MODE” button after the STAT LED goes out. © 2004, Cisco Systems, Inc. All rights reserved. 68
  • 69. Password Recovery (2950) 3. Type flash_init 4. Type load_helper 5. Type dir flash: 6. rename flash:config.text flash:config.old 7. Type boot 8. N at the following prompt to start the Setup program. © 2004, Cisco Systems, Inc. All rights reserved. 69
  • 70. Password Recovery (2950) 9. Type rename flash:config.old flash:config.text 10. copy flash:config.text system:running- config © 2004, Cisco Systems, Inc. All rights reserved. 70
  • 71. Password Recovery (2950) 11. © 2004, Cisco Systems, Inc. All rights reserved. 71
  • 72. Summary © 2004, Cisco Systems, Inc. All rights reserved. 72
  • 73. Exercises Lab Activity 6.2.1. Lab Activity – Verifying Default Switch Configuration 6.2.2. Lab Activity – Basic Switch Configuration 6.2.3. Lab Activity – Managing the MAC Address Table 6.2.4. Lab Activity – Configuring Static MAC Addresses 6.2.5. Lab Activity – Configuring Port Security 6.2.6. Lab Activity – Add, Move, Change MAC Addresses 6.2.7. Lab Activity – Managing Switch Operating System Files 6.2.7. Lab Activity – Managing Switch Startup Configuration Files 6.2.8. Lab Activity – Password Recovery Procedure on a Catalyst 2900 Series Switch 6.2.9. Lab Activity – Firmware Upgrade on a Catalyst 2900 Series Switch © 2004, Cisco Systems, Inc. All rights reserved. 73

Editor's Notes

  1. Layer 2 of 2 Note: When the switch-sticky learns a MAC address on a secured port, the switch will make that MAC address a permanent address.
  2. Layer 2 of 2 Emphasize: The default action is “suspend.”
  3. Layer 2 of 2 Emphasize: The default action is “suspend.”