To know about basic switch configuration, let us first use a packet tracer network simulator software. Any network simulator can be used or also a real cisco switch. Until the selected software which you are using is containing the commands, then the difference in the output is not shown.
You can create or download a practice lab or the pre-created practice lab and you can do loading in the packet tracer.
The current topology in which we are using:
We have to use two 2960 series switches.
In those two switches the first one is Switch 1 (interface gig1/1) is there and second switch 2 is interface gig1/1 it is used across the cross cable.
Two PCs are connected with switch 1 on the interfaces like Eth0/1 and also Eth0/2 using through straight cable.
Switch 2 is also having the two PCs which is same like switch1, and these are connecting to the interfaces like Eth0/1 and also Eth0/2.
The configuration of IP addresses on all the PCs PC0 is 192.168.1.1/24 and PC1 is 192.168.1.2/24 and PC2 is 192.168.1.3/24 and PC3 is 192.168.1.4/24
You have to click on C1 and also click on the menu item CLI and you can press enter key.
Let us know how navigation happens between different switch command modes:
The cisco IOS is an IOS in which the cisco switches run on the OS that is proprietary. A combination of commands which are useful for monitoring and configuration and maintenance of cisco devices is known as IOS. These IOS commands are divided into the different command modes set which is useful for security and also can have easy administration.
Each and every mode of commands are having their own commands set. Depending upon the mode in which we are in, there is availability of commands which are for our use.
Let us consider some different IOS modes with examples:
Mode: User EXEC and its purpose is its possible for us to be connecting with the remote devices and also we can perform tests which are basic and we can also change terminals temporarily and we can also set and also list the system’s information. And User EXEC’s prompt is router> and the command which we use to enter is the “default mode” which is done after booting and you can login using the password if configuration is done and we also have a command to exit so we have to simply use the exit command.
And the next mode is privileged EXEC and it purpose is that it is possible for setting the operating parameters and it consists of level testing which is high and it also consists of list commands for example show, copy and also debugging and the prompt for this is router# and the command which we use to enter is we have to use “enable command” from the exec mode of the user and also we have a command for exiting and that is we have to use exit command. and the next mode is global configuration and its purpose is that it consists of the commands which affects the whole system and the prompt that we use is Router(config)# and the command to enter is that we have to use the “configure terminal” command from the exec mode which is privileged and we also have command to exit so we can use the “exit” command.
And the next mode is interface configuration and the purpose is that it consists of the commands which are useful for modifying the interface’s operations and the prompt which we use is Router(config-sub-if) and we have command to enter is that we have to use the interface “type sub interface” it is a number command which is from the global configuration mode or it can also be the interface configure mode. And the command to exit is we have to use exit for returning the before mode and we have to use the end command for returning the exec mode which is privileged.
And the next mode is that router uses it for creating the initial configuration and it is possible when configuration that is running is not present, and the prompt that we have is parameter[parameter value]: and its purpose is that the router inserts in the mode automatically when the configuration that is running is not present. and the command to enter is that we have to press CTRL+C for abort operation. And we have to type yes for saving the configuration, and you can also type no for exiting and there is no need of saving and this happens when it asks during the end of the setup
And the next mode is ROMMON and the purpose is that we use the router if it enters automatically in this mode, it means that its indicating that its failing to show a IOS image which is valid, and it also indicates that it’s the manual entrance which is in this mode and there is also a possibility of performing low-level diagnostics.
And the prompt is ROMMON> and the command for entering is that we have to enter reload command from the exec mode which is privileged and we have to press CTRL+C while the starting of booting process that is 60 seconds prior. And the command we use to exit is that we have to use exit command.
The switch gives us the context sensitive help and they are of two types:
One is word help and the another one is syntax help.
Now let us know about the word help:
Word help is useful for getting all available commands list which are starting with the particular letter, let us consider an example if the command starts with e letter, then we have to click on the key enter at the command prompt after typing e? then it will give all the commands which are starting with the letter e.
When we don’t know the particular command initial then We can give all the available commands list, and again let us consider an example if we want to give all the available commands which are at the user exec mode then we have to type ? which is at the command prompt and click on the key enter.
And the second help is command syntax help:
It is useful for getting the keywords list and also the commands and the parameters which are there, that we entered already before, and they are beginning with keywords, like enter? which is a question mark is made after clicking on the space key and the prompt will have all the available list of command options.
let us consider an example for knowing the required parameters we can use show ip ? and the prompt will have the associate parameters and when the prompts has only one option as <CR> which means that the additional parameters are not needed for the switches for completing the command and in the current condition we can also execute the command.
We can set the switch name from global configuration mode we have to use the hostname[desired hostname] command on the switch for setting the name.
Let us know how to set the passwords on a catalyst switch:
Passwords are useful for restricting the switch to the physical access. Cisco switch is useful for supporting the console line which is useful for local login and for remote logins the VTYs are used. The supported lines must be secured that are useful for user exec mode, suppose if we are having VTYs line and that leaves the console line to be not secured then the advantage can be taken by the intruder by connecting to the devices, the authentication will be the same if you are connected with device once and separate configurations are not needed for any other modes.
We can set the passwords from their own line modes, from the global configuration mode we have to enter the line mode. Virtual terminal is the VTY it is a telnet or SSH. Switch supports more than 1000 VTY s lines , the starting five (0-4) are default and these lines are allowed and if there is requirement of more lines we have to allow the lines manually 16 lines are supported by the 2960 series switch and we are allowed to set for each line, a separate password, and we have to give a line number and we have to set the passwords as common for all the lines that are present.
And these methods are useful for smaller companies and in those companies network administrators numbers are very few in this method we shared the passwords with all the network administrators in the company and then the local and remote server’s authentication are supported by the server, the complex process is remote server authentication.
And the switch lets us in setting the passwords separately for each and every user and this case is local database authentication and in this 2 global configurations commands are there for setting the local user database and these two has the same job to do and we are using this secret option instead of password option because the secret password option is there in MD5 encryption format and password option is there in plain text so there is no security in using this simple password option the secret command does have encrypted code we have to use the secret command and that replaces password command
I have you have read the article on Basic Switch Configuration and understood it