
1 Cisco Router & Switch Configuration

2 Configuring the Switch
Configuration modes:
– Global configuration mode
    SwitchX#configure terminal
    SwitchX(config)#
– Interface configuration mode
    SwitchX(config)#interface fa0/1
    SwitchX(config-if)#

3 Configuring Switch Identification
Sets the local identity for the switch

4 Configuring the Switch IP Address
    SwitchX(config)#interface vlan 1
    SwitchX(config-if)#ip address {ip address} {mask}
Example:
    SwitchX(config)#interface vlan 1
    SwitchX(config-if)#ip address 10.5.5.11 255.255.255.0
    SwitchX(config-if)#no shutdown
Note: It is necessary to use the no shutdown command to make the interface operational.

5 Configuring the Switch Default Gateway
    SwitchX(config)#ip default-gateway {ip address}
Example:
    SwitchX(config)#ip default-gateway 172.20.137.1

6 Saving Configurations
    SwitchX#copy running-config startup-config
    Destination filename [startup-config]?
    Building configuration…
    SwitchX#
Copies the current configuration to NVRAM

7 Configuring a Switch Password

8 Configuring the Login Banner
– Defines and enables a customized banner to be displayed before the username and password login prompts.
    SwitchX(config)#banner login " Access for authorized users only. Please enter your username and password. "

9 Telnet vs. SSH Access
– Telnet
    Most common access method
    Insecure
– SSH
    Encrypted
! The username command creates the username and password for the SSH session
username cisco password cisco
ip domain-name mydomain.com
crypto key generate rsa
ip ssh version 2
line vty 0 4
 login local
 transport input ssh

10 Configuring Port Security
Cisco Catalyst 2960 Series
    SwitchX(config-if)#switchport port-security [ mac-address mac-address | mac-address sticky [mac-address] | maximum value | violation {restrict | shutdown}]
    SwitchX(config)#interface fa0/5
    SwitchX(config-if)#switchport mode access
    SwitchX(config-if)#switchport port-security
    SwitchX(config-if)#switchport port-security maximum 1
    SwitchX(config-if)#switchport port-security mac-address sticky
    SwitchX(config-if)#switchport port-security violation shutdown

11 Verifying Port Security on the Catalyst 2960 Series
    SwitchX#show port-security [interface interface-id] [address] [ | {begin | exclude | include} expression]
    SwitchX#show port-security interface fastethernet 0/5
    Port Security              : Enabled
    Port Status                : Secure-up
    Violation Mode             : Shutdown
    Aging Time                 : 20 mins
    Aging Type                 : Absolute
    SecureStatic Address Aging : Disabled
    Maximum MAC Addresses      : 1
    Total MAC Addresses        : 1
    Configured MAC Addresses   : 0
    Sticky MAC Addresses       : 0
    Last Source Address        : 0000.0000.0000
    Security Violation Count   : 0

12 Verifying Port Security on the Catalyst 2960 Series (Cont.)
    SwitchX#sh port-security
    Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                    (Count)       (Count)        (Count)
    --------------------------------------------------------------------------
          Fa0/5        1             1              0              Shutdown
    ---------------------------------------------------------------------------
    Total Addresses in System (excluding one mac per port)     : 0
    Max Addresses limit in System (excluding one mac per port) : 1024
    SwitchX#sh port-security address
              Secure Mac Address Table
    -------------------------------------------------------------------
    Vlan    Mac Address       Type                Ports   Remaining Age
                                                             (mins)
    ----    -----------       ----                -----   -------------
       1    0008.dddd.eeee    SecureConfigured    Fa0/5        -
    -------------------------------------------------------------------
    Total Addresses in System (excluding one mac per port)     : 0
    Max Addresses limit in System (excluding one mac per port) : 1024
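A way to turn the verification output above into an automated check, as an added example that is not part of the original presentation. The first sample is the slide's output (abridged); the second is constructed and assumes the Secure-shutdown port status that IOS reports after a violation in shutdown mode; the function names are illustrative.

```python
import re

# 'show port-security interface' output as printed on the slide (abridged).
SLIDE_OUTPUT = """\
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Last Source Address : 0000.0000.0000
Security Violation Count : 0
"""

# Constructed sample: the same port after an unknown MAC tripped shutdown mode.
VIOLATED_OUTPUT = (SLIDE_OUTPUT
                   .replace("Secure-up", "Secure-shutdown")
                   .replace("0000.0000.0000", "0008.dddd.ffff")
                   .replace("Violation Count : 0", "Violation Count : 1"))

def parse_port_security(output):
    """Map each 'Field : value' line to a dict entry; other lines are skipped."""
    fields = {}
    for line in output.splitlines():
        # Split on the padded separator so MAC addresses and times stay intact.
        parts = re.split(r"\s+:\s+", line.strip(), maxsplit=1)
        if len(parts) == 2:
            fields[parts[0]] = parts[1]
    return fields

def assess_port(output):
    """Return alert strings for states an operator should follow up on."""
    f = parse_port_security(output)
    alerts = []
    if f.get("Port Security") != "Enabled":
        alerts.append("port security is not enabled")
    if f.get("Port Status") == "Secure-shutdown":
        alerts.append("port was shut down by a violation")
    count = f.get("Security Violation Count", "0")
    if count.isdigit() and int(count) > 0:
        source = f.get("Last Source Address", "unknown")
        alerts.append(f"{count} violation(s), last source {source}")
    return alerts

if __name__ == "__main__":
    for name, out in (("slide", SLIDE_OUTPUT), ("violated", VIOLATED_OUTPUT)):
        print(name, assess_port(out) or "ok")
```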

13 Duplex Overview
Half Duplex (CSMA/CD)
– Unidirectional data flow
– Higher potential for collision
– Hub connectivity
Full Duplex
– Point-to-point only
– Attached to dedicated switched port
– Requires full-duplex support on both ends
– Collision-free
– Collision detect circuit disabled

14 Setting Duplex and Speed Options
Cisco Catalyst 2960 Series
    SwitchX(config)#interface fa0/1
    SwitchX(config-if)#duplex {auto | full | half}
Cisco Catalyst 2960 Series
    SwitchX(config)#interface fa0/1
    SwitchX(config-if)#speed {10 | 100 | 1000 | auto}

15 Showing Duplex Options
    SwitchX#show interfaces fastethernet0/2
    FastEthernet0/2 is up, line protocol is up (connected)
      Hardware is Fast Ethernet, address is 0008.a445.9b42 (bia 0008.a445.9b42)
      MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation ARPA, loopback not set
      Keepalive set (10 sec)
      Half-duplex, 10Mb/s
      input flow-control is unsupported output flow-control is unsupported
      ARP type: ARPA, ARP Timeout 04:00:00
      Last input 00:00:57, output 00:00:01, output hang never
      Last clearing of "show interface" counters never
      Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
      Queueing strategy: fifo
      Output queue: 0/40 (size/max)
      5 minute input rate 0 bits/sec, 0 packets/sec
      5 minute output rate 0 bits/sec, 0 packets/sec
         323479 packets input, 44931071 bytes, 0 no buffer
         Received 98960 broadcasts (0 multicast)
         1 runts, 0 giants, 0 throttles
         1 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
         0 watchdog, 36374 multicast, 0 pause input
         0 input packets with dribble condition detected
         1284934 packets output, 103121707 bytes, 0 underruns

16 Router Configuration

17 Locating Cisco IOS Software

18 Using the boot system Command

19 Configuration Register Values
The order in which the router looks for system bootstrap information depends on the Boot Field setting in the configuration register. You can change the default configuration register setting with the global configuration mode command config-register. Use a hexadecimal number as the argument for this command.

20 Identifying Boot Image Source

21 Software Components in Memory

22 Fields in the IOS Name

23 The confreg Command

24 The tftpdnld Command

25 Configuring Router Passwords

26 Enhanced Username Password Security
    router(config)# username name secret {[0] password | 5 encrypted-secret}
– Uses MD5 hashing for strong password protection
– Better than the type 7 encryption found in service password-encryption command
    Boston(config)#username rtradmin secret 0 CISCO
    Boston(config)#username rtradmin secret 5 cisco
    router(config)# username name password {[0] password | 7 hidden-password}
– Traditional user configuration with plaintext password

27 Configuring Banner Messages
    router(config)# banner {exec | incoming | login | motd | slip-ppp} d message d
– Specifies what is “proper use” of the system
– Specifies that the system is being monitored
– Specifies that privacy should not be expected when using this system
    Boston(config)#banner motd %
    WARNING: You are connected to $(hostname) on the Cisco Systems, Incorporated network. Unauthorized access and use of this network will be vigorously prosecuted.
    %

28 Configuring Router Identification

29 Configuring an Interface
    RouterX(config)#interface type number
    RouterX(config-if)#
– type includes serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, tunnel, and so on
– number is used to identify individual interfaces
    RouterX(config)#interface type slot/port
    RouterX(config-if)#
– For modular routers, selects an interface
    RouterX(config-if)#exit
– Quits from current interface configuration mode

30 Configuring an Interface Description
    RouterX(config-if)# description string
– string is a comment or a description to help you remember what is attached to this interface.
– The maximum number of characters for the string argument is 238.

31 Configuring interface description
Rick Graziani graziani@cabrillo.edu

32 Disabling or Enabling an Interface
    RouterX#configure terminal
    RouterX(config)#interface serial 0
    RouterX(config-if)#shutdown
    %LINK-5-CHANGED: Interface Serial0, changed state to administratively down
    %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
– Administratively turns off an interface
    RouterX#configure terminal
    RouterX(config)#interface serial 0
    RouterX(config-if)#no shutdown
    %LINK-3-UPDOWN: Interface Serial0, changed state to up
    %LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial0, changed state to up
– Enables an interface that is administratively shut down

33 Configuring IP Addresses
– Unique addressing allows communication between end stations
– Path choice is based on destination address

34 Configuring Interfaces
    Router(config-if)#exit
    Router(config)#interface serial 0
    Router(config-if)#ip add 172.16.10.1 255.255.255.0
    Router(config-if)#clock rate 64000 (only if DCE)
    Router(config-if)#no shutdown

35 Configuring an SSH Server for Secure Management and Reporting
    Austin2#configure terminal
    Austin2(config)#ip domain-name cisco.com
    Austin2(config)#crypto key generate rsa general-keys modulus 1024
    Sept 22 13:20:45: %SSH-5-ENABLED: SSH 1.5 has been enabled
    Austin2(config)#ip ssh timeout 120
    Austin2(config)#ip ssh authentication-retries 4
    Austin2(config)#line vty 0 4
    Austin2(config-line)#no transport input telnet
    Austin2(config-line)#transport input ssh
    Austin2(config-line)#end
1. Configure the IP domain name
2. Generate the RSA keys
3. Configure the SSH timeout interval
4. Configure the SSH retries
5. Disable vty inbound Telnet sessions
6. Enable vty inbound SSH sessions
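The remote-access settings from the Telnet vs. SSH, Enhanced Username Password Security and SSH server slides can be checked against a saved configuration. This is an added example, not part of the original presentation: the sample config is constructed, the hash is a placeholder, and the function name is illustrative.

```python
import re

# Constructed sample running-config for illustration; not from a real device.
SAMPLE_CONFIG = """\
username cisco password cisco
username rtradmin secret 5 PLACEHOLDER-HASH
ip domain-name mydomain.com
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input telnet ssh
"""

def audit_ios_config(text):
    """Return sorted (line_no, finding) tuples; line 0 means config-wide."""
    findings, vty_blocks, current = [], [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not raw[:1].isspace():
            current = None  # a top-level command ends the previous vty block
        # 'username ... password' keeps plaintext or reversible type 7 (slide 26)
        user = re.match(r"username (\S+)\s+(?:privilege \d+\s+)?password\b", line, re.I)
        if user:
            findings.append((no, f"user {user.group(1)}: 'password' used, prefer 'secret'"))
        if re.match(r"line vty\b", line, re.I):
            current = [no, line, None]  # [line_no, header, allowed transports]
            vty_blocks.append(current)
        elif current is not None:
            transport = re.match(r"transport input (.+)", line, re.I)
            if transport:
                current[2] = set(transport.group(1).lower().split())
    for no, header, transports in vty_blocks:
        if transports is None:
            findings.append((no, f"{header}: no explicit 'transport input ssh'"))
        elif transports - {"ssh", "none"}:
            extra = ", ".join(sorted(transports - {"ssh", "none"}))
            findings.append((no, f"{header}: also allows {extra}"))
    # Slide 9 pins the protocol version; flag configs with vty lines that do not.
    if vty_blocks and not re.search(r"^ip ssh version 2\b", text, re.I | re.M):
        findings.append((0, "'ip ssh version 2' is not configured"))
    return sorted(findings)

if __name__ == "__main__":
    for no, finding in audit_ios_config(SAMPLE_CONFIG):
        print(f"line {no}: {finding}")
```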

36 Configuring a Static Default Route
– The CPE can use a static default route to reach all remote destinations.
    router(config)#ip route 0.0.0.0 0.0.0.0 interface number

37 Host name resolution
    Router# ping 172.16.32.1
    Router# ping Auckland
    Router# telnet 192.168.53.1
    Router# telnet Beirut
    Router# traceroute 192.168.89.1
    Router# traceroute Capetown
The Cisco IOS software maintains a cache of host name-to-address mappings for use by EXEC commands. This cache speeds up the process of converting names to addresses. Host names, unlike DNS names, are significant only on the router on which they are configured. (DNS is also an option – later)

38 Host name resolution
Configuring Multiple IP Addresses
    Router(config)# ip host SantaCruz 172.16.32.1 192.168.53.1
– This command does not turn your router into a DNS (Domain Name Server).
– This command does not affect packets entering your router to be routed.
– This only affects the IOS commands entered at the router prompt.
– Multiple IP addresses can be entered in case one interface is down.
– It is usually a good idea to use the same list of names on all your router configs.

39 Configuring host tables

40 show and debug Commands

41 Considerations When Using debug Commands
– May generate output in a variety of formats that may not identify the problem
– Require high overhead, possibly disrupting network device operation
– Useful for obtaining information about network traffic and router status

42 Commands Related to debug
    RouterX(config)#service timestamps debug datetime msec
– Adds a time stamp to a debug or log message
    RouterX#no debug all
– Disables all debug commands
    RouterX#show processes
– Displays the CPU utilization for each process
    RouterX#terminal monitor
– Displays debug output on your current vty session

