Abstract image of a woman sitting on books and studying on a laptop

Basic switch management

P
Pawandeep Singh

Catalyst switches support either the CatOS or Cisco IOS operating system, with newer switches using IOS. The IOS interface uses modes like user EXEC, privileged EXEC, and global configuration to manage and configure the switch. Passwords can be set on privileged access and virtual terminal lines to control access. Configuration and diagnostic files are stored in flash memory and RAM to save and run the switch configuration.

Business
1 of 7
Download to read offline
1
2
3
4
5
6
7
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 1 - Basic Switch Management - Catalyst Operating Systems Catalyst switches, depending on the model, support one of two possible operating systems: • Catalyst OS (CatOS) • IOS The CatOS is an antiquated interface based on “set” commands. Retired Catalyst models such as the 40xx and 50xx series supported the CatOS interface. Modern Catalyst switches support the Cisco IOS, enhanced with switching- specific commands. Catalyst models that support the Cisco IOS include: • 29xx series • 35xx series • 37xx series • 45xx series • 49xx series • 65xx series The Cisco IOS interface on Catalyst switches is nearly identical to that of the router IOS (with the exception of the switching-specific commands). The IOS is covered in great detail in other guides on this site, specifically: • Router Components • Introduction to the Cisco IOS • Advanced IOS Functions Some basic IOS concepts will be reviewed in this guide. For more comprehensive information, please consult the above guides.
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 2 Using Lines to Configure the IOS Three methods (or lines) exist to configure Cisco IOS devices (including Catalyst switches): • Console ports • Auxiliary ports • VTY (telnet) ports Nearly every modern Cisco router or switch includes a console port, sometimes labeled on the device simply as con. The console port is generally a RJ-45 connector, and requires a rollover cable to connect to. The opposite side of the rollover cable connects to a PC’s serial port using a serial terminal adapter. From the PC, software such as HyperTerminal is required to make a connection from the local serial port to the router console port. The following settings are necessary for a successful connection: • Bits per second - 9600 baud • Data bits - 8 • Parity - None • Stop bits - 1 • Flow Control - Hardware Some Cisco devices include an auxiliary port, in addition to the console port. The auxiliary port can function similarly to a console port, and can be accessed using a rollover cable. Additionally, auxiliary ports support modem commands, thus providing dial-in access to Cisco devices. Telnet, and now SSH, are the most common methods of remote access to routers and switches. The standard edition of the IOS supports up to 5 simultaneous VTY connections. Enterprise editions of the IOS support up to 255 VTY connections. There are two requirements before a Catalyst switch will accept a VTY connection: • An IP address must be configured on the Management VLAN (by default, this is VLAN 1) • At least one VTY port must be configured with a password
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 3 IOS Modes on Cisco Catalyst Switches The Cisco IOS is comprised of several modes, each of which contains a set of commands specific to the function of that mode. By default, the first mode you enter when logging into a Cisco device is User EXEC mode. User mode appends a “>” after the device hostname: Switch> No configuration can be changed or viewed from User mode. Only basic status information can be viewed from this mode. Privileged EXEC mode allows all configuration files, settings, and status information to be viewed. Privileged mode appends a “#” after the device hostname: Switch# To enter Privileged mode, type enable from User mode: Switch> enable Switch# To return back to User mode from Privileged mode, type disable: Switch# disable Switch> Very little configuration can be changed directly from Privileged mode. Instead, to actually configure the Cisco device, one must enter Global Configuration mode: Switch(config)# To enter Global Configuration mode, type configure terminal from Privileged Mode: Switch# configure terminal Switch(config)# To return back to Privileged mode, type exit: Switch(config)# exit Switch#
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 4 IOS Modes on Cisco Catalyst Switches (continued) As its name implies, Global Configuration mode allows parameters that globally affect the device to be changed. Additionally, Global Configuration mode is sectioned into several sub-modes dedicated for specific functions. Among the most common sub-modes are the following: • Interface Configuration mode - Switch(config-if)# • Line Configuration mode - Switch(config-line)# Recall the difference between interfaces and lines. Interfaces connect routers and switches to each other. In other words, traffic is actually routed or switched across interfaces. Examples of interfaces include Serial, ATM, Ethernet, Fast Ethernet, and Token Ring. To configure an interface, one must specify both the type of interface, and the interface number (which always begins at “0”). Thus, to configure the first Ethernet interface on a router: Switch(config)# interface ethernet 0 Switch(config-if)# Lines identify ports that allow us to connect into, and then configure, Cisco devices. Examples would include console ports, auxiliary ports, and VTY (or telnet) ports. Just like interfaces, to configure a line, one must specify both the type of line, and the line number (again, always begins at “0”). Thus, to configure the first console line on a switch: Switch(config)# line console 0 Switch(config-line)# Multiple telnet lines can be configured simultaneously. To configure the first sixteen telnet (or VTY) lines on a switch: Switch(config)# line vty 0 15 Switch(config-line)# Notice that Catalyst switches natively support up to 16 VTY connections. A Cisco router running the standard IOS supports up to 5 VTY connections. Remember that the numbering for both interfaces and lines begins with “0.”
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 5 Enable Passwords The enable password protects a switch’s Privileged mode. This password can be set or changed from Global Configuration mode: Switch(config)# enable password MYPASSWORD Switch(config)# enable secret MYPASSWORD2 The enable password command sets an unencrypted password intended for legacy systems that do not support encryption. It is no longer widely used. The enable secret command sets an MD5-hashed password, and thus is far more secure. The enable password and enable secret passwords cannot be identical. The switch will not accept identical passwords for these two commands. Line Passwords and Configuration Passwords can additionally be configured on switch lines, such as telnet (vty), console, and auxiliary ports. To change the password for a console port and all telnet ports: Switch(config)# line console 0 Switch(config-line)# login Switch(config-line)# password cisco1234 Switch(config-line)# exec-timeout 0 0 Switch(config-line)# logging synchronous Switch(config)# line vty 0 15 Switch(config-line)# login Switch(config-line)# password cisco1234 Switch(config-line)# exec-timeout 0 0 Switch(config-line)# logging synchronous The exec-timeout 0 0 command is optional, and disables the automatic timeout of your connection. The two zeroes represent the timeout value in minutes and seconds, respectively. Thus, to set a timeout for 2 minutes and 30 seconds: Switch(config-line)# exec-timeout 2 30 The logging synchronous command is also optional, and prevents system messages from interrupting your command prompt. By default, line passwords are stored in clear-text in configuration files. To ensure these passwords are encrypted in all configuration files: Switch(config)# service password–encryption
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 6 Catalyst Configuration Files Like Cisco routers, Catalyst switches employ a startup-config file (stored in NVRAM) and a running-config (stored in RAM). The startup-config is the saved configuration used when a router boots, and the running-config is the currently active configuration. Any configuration change made to an IOS device is made to the running- config. Because the running-config file is stored in RAM, the contents of this file will be lost during a power-cycle. To save the contents of the running-config to the startup-config file: Switch# copy run start Catalyst switches additionally employ the following configuration and diagnostic files, all stored in Flash memory: • vlan.dat • system_env_vars • crashinfo The vlan.dat file contains a list all created VLANs, and includes any VTP specific information. The vlan.dat file does not contain information on interface-to-VLAN assignments (which is stored in the startup-config). The system_env_vars file contains environmental information specific to the Catalyst switch, including serial/model numbers and MAC addresses. The crashinfo file contains memory-dump information about previous switch failures. To delete all files in flash: Switch# erase flash: To delete a specific file in flash: Switch# erase flash:FILENAME To delete a specific file in flash: Switch# format flash: To upload an IOS image file from a TFTP server to flash: Switch# copy tftp: flash:FILENAME
Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 7 Configuring Telnet Access on Catalyst Switches Recall the two requirements to configure a Catalyst switch for VTY access: • An IP address must be configured on the Management VLAN (by default, this is VLAN 1) • At least one VTY port must be configured with a password. Configuring passwords on VTY lines was covered previously: Switch(config)# line vty 0 15 Switch(config-line)# login Switch(config-line)# password cisco1234 To assign an IP address to the Management VLAN: Switch(config)# interface vlan 1 Switch(config-if)# ip address 192.168.123.151 255.255.255.0 Switch(config-if)# no shut

More Related Content

PPT
Day 13.1..1 catalyst switch
CYBERINTELLIGENTS
 
DOCX
Cisco router configuration
vin424
 
PPT
Intro to router_config
97148881557
 
PPT
Access Control List 1
Kishore Kumar
 
PDF
MYC-C7Z015 CPU Module
Linda Zhang
 
PPT
Cisco ACL
faust0
 
PPT
Cis81 ccna1v5-2-configuring networkoperatingsystem
Betselove
 
PPT
04 module operating & configuring ios
Asif
 
Day 13.1..1 catalyst switch
CYBERINTELLIGENTS
 
Cisco router configuration
vin424
 
Intro to router_config
97148881557
 
Access Control List 1
Kishore Kumar
 
MYC-C7Z015 CPU Module
Linda Zhang
 
Cisco ACL
faust0
 
Cis81 ccna1v5-2-configuring networkoperatingsystem
Betselove
 
04 module operating & configuring ios
Asif
 

What's hot (20)

PPT
Multi Static Routng & Default Routing
Kishore Kumar
 
PPT
Initial Configuration of Router
Kishore Kumar
 
PPT
OSPF 3
Kishore Kumar
 
PPT
operating and configuring cisco a cisco IOS device
scooby_doo
 
PPTX
CCNA ppt Day 7
VISHNU N
 
PPTX
CCNA at a glance
Vikas Raut
 
PPTX
How to configure Default Routing
tcpipguru
 
PPT
Day 13.1 startingaswitch
CYBERINTELLIGENTS
 
DOCX
Cisco 1921 vs. cisco 1941 vs. cisco 2901
IT Tech
 
PDF
Important cisco-chow-commands
ssusere31b5c
 
PDF
Routconf
97148881557
 
PPT
CCNA part 7 acl
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
PPT
Day 5.2 startingarouter
CYBERINTELLIGENTS
 
PPTX
Initial router and switch configuration
Hari Prasetyo Utomo
 
PPTX
Windows Server on Cisco UCS – Simplify Your Operations!
Microsoft TechNet - Belgium and Luxembourg
 
PDF
Mg90 h102 ethernet master
Marcos Romanholo
 
PPT
OSPF 2
Kishore Kumar
 
PDF
Amp si3540 specsheet
Electromate
 
PDF
IBM Flex System FC3171 8Gb SAN Switch and Pass-thru
IBM India Smarter Computing
 
PDF
ROUTER Rb2011 uas 2hnd
Jeffer Cabana
 
Multi Static Routng & Default Routing
Kishore Kumar
 
Initial Configuration of Router
Kishore Kumar
 
OSPF 3
Kishore Kumar
 
operating and configuring cisco a cisco IOS device
scooby_doo
 
CCNA ppt Day 7
VISHNU N
 
CCNA at a glance
Vikas Raut
 
How to configure Default Routing
tcpipguru
 
Day 13.1 startingaswitch
CYBERINTELLIGENTS
 
Cisco 1921 vs. cisco 1941 vs. cisco 2901
IT Tech
 
Important cisco-chow-commands
ssusere31b5c
 
Routconf
97148881557
 
CCNA part 7 acl
Sandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Day 5.2 startingarouter
CYBERINTELLIGENTS
 
Initial router and switch configuration
Hari Prasetyo Utomo
 
Windows Server on Cisco UCS – Simplify Your Operations!
Microsoft TechNet - Belgium and Luxembourg
 
Mg90 h102 ethernet master
Marcos Romanholo
 
OSPF 2
Kishore Kumar
 
Amp si3540 specsheet
Electromate
 
IBM Flex System FC3171 8Gb SAN Switch and Pass-thru
IBM India Smarter Computing
 
ROUTER Rb2011 uas 2hnd
Jeffer Cabana
 
Ad

Similar to Basic switch management (20)

PPT
04- Module Operating & Configuring IOS.ppt
qaiserfareedjadoon2
 
PPTX
CCNA ppt Day 4
VISHNU N
 
DOC
Cisco switch commands cheat sheet
3Anetwork com
 
PPTX
1627478708347_Chapter 1.pptx
TesfaMinuyelet
 
PDF
Manual cisco 2950
liviuisr
 
PPT
Switch configuration
Muuluu
 
PPT
Ccna day2
Sabiulla Barkathullah
 
PPT
Ccna 2
Reetesh Gupta
 
PPT
Ccna day2
Vijay Kumar
 
PPT
Ccna day2
AHMED NADIM JILANI
 
PDF
Ccna day2-140715152313-phpapp02
Sachin Morya
 
PPTX
Ccna PPT2
AIRTEL
 
PPT
Ccna day2
danishrafiq
 
PDF
Cisco 2960 Switch Configuration
kabisurya
 
PPTX
lab2_2.pptx
RobelTsada
 
PDF
Cisco IOS in a Nutshell 2nd ed Edition James Boney
phobiasuihi
 
PPTX
INTRODUCTION TO IOS AND CISCO ROUTERS
anilinvns
 
PPT
Switch configuration
Muuluu
 
PPTX
Chapter 2-Bascs of Switch & Router (1).pptx
desalewminale
 
PPT
Day 13 2 switch config
CYBERINTELLIGENTS
 
04- Module Operating & Configuring IOS.ppt
qaiserfareedjadoon2
 
CCNA ppt Day 4
VISHNU N
 
Cisco switch commands cheat sheet
3Anetwork com
 
1627478708347_Chapter 1.pptx
TesfaMinuyelet
 
Manual cisco 2950
liviuisr
 
Switch configuration
Muuluu
 
Ccna day2
Sabiulla Barkathullah
 
Ccna 2
Reetesh Gupta
 
Ccna day2
Vijay Kumar
 
Ccna day2
AHMED NADIM JILANI
 
Ccna day2-140715152313-phpapp02
Sachin Morya
 
Ccna PPT2
AIRTEL
 
Ccna day2
danishrafiq
 
Cisco 2960 Switch Configuration
kabisurya
 
lab2_2.pptx
RobelTsada
 
Cisco IOS in a Nutshell 2nd ed Edition James Boney
phobiasuihi
 
INTRODUCTION TO IOS AND CISCO ROUTERS
anilinvns
 
Switch configuration
Muuluu
 
Chapter 2-Bascs of Switch & Router (1).pptx
desalewminale
 
Day 13 2 switch config
CYBERINTELLIGENTS
 
Ad

Recently uploaded (20)

PPTX
Project Management_ SMART Projects Class.pptx
ravindra661395
 
PDF
THE COMPLETE GUIDE TO BUILDING PASSIVE INCOME ONLINE
Malcolm86
 
PPTX
IITM - FINAL Option - 01 - 12.08.25.pptx
MukeshAssociates2
 
PPTX
TRAINNING, DEVELOPMENT AND APPRAISAL.pptx
sy2773667
 
PDF
Ron Thomas - Top Influential Business Leaders Shaping the Modern Industry – 2025
themenabusinessrevie
 
PPT
Lecture notes on Business Research Methods
obedgyan3
 
DOCX
Hand book of Entrepreneurship 4 Chapters.docx
DrSubinKMohan
 
PPTX
BUSINESS CYCLE_INFLATION AND UNEMPLOYMENT.pptx
TasmiaThalil
 
PDF
Tortilla Mexican Grill 发射点犯得上发射点发生发射点犯得上发生
ssun243
 
PPTX
2 - Self & Personality 587689213yiuedhwejbmansbeakjrk
inshu28231804
 
PDF
#1 Safe and Secure Verified Cash App Accounts for Purchase.pdf
Buy Verified Cash App Accounts
 
PDF
ICv2 White Paper - Gen Con Trade Day 2025
DennisViau
 
PPTX
Board-Reporting-Package-by-Umbrex-5-23-23.pptx
Pars Six Sigma Excellence
 
PPT
Lecture 3344;;,,(,(((((((((((((((((((((((
princessbliss09
 
PPTX
chapter 2 entrepreneurship full lecture ppt
annejo20
 
PDF
Solaris Resources Presentation - Corporate August 2025.pdf
pchambers2
 
PDF
Nante Industrial Plug Factory: Engineering Quality for Modern Power Applications
gdhdgee963
 
PDF
533158074-Saudi-Arabia-Companies-List-Contact.pdf
Shaik Abubakr Siddiqui
 
PDF
TyAnn Osborn: A Visionary Leader Shaping Corporate Workforce Dynamics
CIO WOMEN MAGAIZNE CIO WOMEN MAGAIZNE
 
DOCX
Handbook of Entrepreneurship- Chapter 5: Identifying business opportunity.docx
DrSubinKMohan
 
Project Management_ SMART Projects Class.pptx
ravindra661395
 
THE COMPLETE GUIDE TO BUILDING PASSIVE INCOME ONLINE
Malcolm86
 
IITM - FINAL Option - 01 - 12.08.25.pptx
MukeshAssociates2
 
TRAINNING, DEVELOPMENT AND APPRAISAL.pptx
sy2773667
 
Ron Thomas - Top Influential Business Leaders Shaping the Modern Industry – 2025
themenabusinessrevie
 
Lecture notes on Business Research Methods
obedgyan3
 
Hand book of Entrepreneurship 4 Chapters.docx
DrSubinKMohan
 
BUSINESS CYCLE_INFLATION AND UNEMPLOYMENT.pptx
TasmiaThalil
 
Tortilla Mexican Grill 发射点犯得上发射点发生发射点犯得上发生
ssun243
 
2 - Self & Personality 587689213yiuedhwejbmansbeakjrk
inshu28231804
 
#1 Safe and Secure Verified Cash App Accounts for Purchase.pdf
Buy Verified Cash App Accounts
 
ICv2 White Paper - Gen Con Trade Day 2025
DennisViau
 
Board-Reporting-Package-by-Umbrex-5-23-23.pptx
Pars Six Sigma Excellence
 
Lecture 3344;;,,(,(((((((((((((((((((((((
princessbliss09
 
chapter 2 entrepreneurship full lecture ppt
annejo20
 
Solaris Resources Presentation - Corporate August 2025.pdf
pchambers2
 
Nante Industrial Plug Factory: Engineering Quality for Modern Power Applications
gdhdgee963
 
533158074-Saudi-Arabia-Companies-List-Contact.pdf
Shaik Abubakr Siddiqui
 
TyAnn Osborn: A Visionary Leader Shaping Corporate Workforce Dynamics
CIO WOMEN MAGAIZNE CIO WOMEN MAGAIZNE
 
Handbook of Entrepreneurship- Chapter 5: Identifying business opportunity.docx
DrSubinKMohan
 

Basic switch management

  • 1. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 1 - Basic Switch Management - Catalyst Operating Systems Catalyst switches, depending on the model, support one of two possible operating systems: • Catalyst OS (CatOS) • IOS The CatOS is an antiquated interface based on “set” commands. Retired Catalyst models such as the 40xx and 50xx series supported the CatOS interface. Modern Catalyst switches support the Cisco IOS, enhanced with switching- specific commands. Catalyst models that support the Cisco IOS include: • 29xx series • 35xx series • 37xx series • 45xx series • 49xx series • 65xx series The Cisco IOS interface on Catalyst switches is nearly identical to that of the router IOS (with the exception of the switching-specific commands). The IOS is covered in great detail in other guides on this site, specifically: • Router Components • Introduction to the Cisco IOS • Advanced IOS Functions Some basic IOS concepts will be reviewed in this guide. For more comprehensive information, please consult the above guides.
  • 2. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 2 Using Lines to Configure the IOS Three methods (or lines) exist to configure Cisco IOS devices (including Catalyst switches): • Console ports • Auxiliary ports • VTY (telnet) ports Nearly every modern Cisco router or switch includes a console port, sometimes labeled on the device simply as con. The console port is generally a RJ-45 connector, and requires a rollover cable to connect to. The opposite side of the rollover cable connects to a PC’s serial port using a serial terminal adapter. From the PC, software such as HyperTerminal is required to make a connection from the local serial port to the router console port. The following settings are necessary for a successful connection: • Bits per second - 9600 baud • Data bits - 8 • Parity - None • Stop bits - 1 • Flow Control - Hardware Some Cisco devices include an auxiliary port, in addition to the console port. The auxiliary port can function similarly to a console port, and can be accessed using a rollover cable. Additionally, auxiliary ports support modem commands, thus providing dial-in access to Cisco devices. Telnet, and now SSH, are the most common methods of remote access to routers and switches. The standard edition of the IOS supports up to 5 simultaneous VTY connections. Enterprise editions of the IOS support up to 255 VTY connections. There are two requirements before a Catalyst switch will accept a VTY connection: • An IP address must be configured on the Management VLAN (by default, this is VLAN 1) • At least one VTY port must be configured with a password
  • 3. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 3 IOS Modes on Cisco Catalyst Switches The Cisco IOS is comprised of several modes, each of which contains a set of commands specific to the function of that mode. By default, the first mode you enter when logging into a Cisco device is User EXEC mode. User mode appends a “>” after the device hostname: Switch> No configuration can be changed or viewed from User mode. Only basic status information can be viewed from this mode. Privileged EXEC mode allows all configuration files, settings, and status information to be viewed. Privileged mode appends a “#” after the device hostname: Switch# To enter Privileged mode, type enable from User mode: Switch> enable Switch# To return back to User mode from Privileged mode, type disable: Switch# disable Switch> Very little configuration can be changed directly from Privileged mode. Instead, to actually configure the Cisco device, one must enter Global Configuration mode: Switch(config)# To enter Global Configuration mode, type configure terminal from Privileged Mode: Switch# configure terminal Switch(config)# To return back to Privileged mode, type exit: Switch(config)# exit Switch#
  • 4. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 4 IOS Modes on Cisco Catalyst Switches (continued) As its name implies, Global Configuration mode allows parameters that globally affect the device to be changed. Additionally, Global Configuration mode is sectioned into several sub-modes dedicated for specific functions. Among the most common sub-modes are the following: • Interface Configuration mode - Switch(config-if)# • Line Configuration mode - Switch(config-line)# Recall the difference between interfaces and lines. Interfaces connect routers and switches to each other. In other words, traffic is actually routed or switched across interfaces. Examples of interfaces include Serial, ATM, Ethernet, Fast Ethernet, and Token Ring. To configure an interface, one must specify both the type of interface, and the interface number (which always begins at “0”). Thus, to configure the first Ethernet interface on a router: Switch(config)# interface ethernet 0 Switch(config-if)# Lines identify ports that allow us to connect into, and then configure, Cisco devices. Examples would include console ports, auxiliary ports, and VTY (or telnet) ports. Just like interfaces, to configure a line, one must specify both the type of line, and the line number (again, always begins at “0”). Thus, to configure the first console line on a switch: Switch(config)# line console 0 Switch(config-line)# Multiple telnet lines can be configured simultaneously. To configure the first sixteen telnet (or VTY) lines on a switch: Switch(config)# line vty 0 15 Switch(config-line)# Notice that Catalyst switches natively support up to 16 VTY connections. A Cisco router running the standard IOS supports up to 5 VTY connections. Remember that the numbering for both interfaces and lines begins with “0.”
  • 5. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 5 Enable Passwords The enable password protects a switch’s Privileged mode. This password can be set or changed from Global Configuration mode: Switch(config)# enable password MYPASSWORD Switch(config)# enable secret MYPASSWORD2 The enable password command sets an unencrypted password intended for legacy systems that do not support encryption. It is no longer widely used. The enable secret command sets an MD5-hashed password, and thus is far more secure. The enable password and enable secret passwords cannot be identical. The switch will not accept identical passwords for these two commands. Line Passwords and Configuration Passwords can additionally be configured on switch lines, such as telnet (vty), console, and auxiliary ports. To change the password for a console port and all telnet ports: Switch(config)# line console 0 Switch(config-line)# login Switch(config-line)# password cisco1234 Switch(config-line)# exec-timeout 0 0 Switch(config-line)# logging synchronous Switch(config)# line vty 0 15 Switch(config-line)# login Switch(config-line)# password cisco1234 Switch(config-line)# exec-timeout 0 0 Switch(config-line)# logging synchronous The exec-timeout 0 0 command is optional, and disables the automatic timeout of your connection. The two zeroes represent the timeout value in minutes and seconds, respectively. Thus, to set a timeout for 2 minutes and 30 seconds: Switch(config-line)# exec-timeout 2 30 The logging synchronous command is also optional, and prevents system messages from interrupting your command prompt. By default, line passwords are stored in clear-text in configuration files. To ensure these passwords are encrypted in all configuration files: Switch(config)# service password–encryption
  • 6. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 6 Catalyst Configuration Files Like Cisco routers, Catalyst switches employ a startup-config file (stored in NVRAM) and a running-config (stored in RAM). The startup-config is the saved configuration used when a router boots, and the running-config is the currently active configuration. Any configuration change made to an IOS device is made to the running- config. Because the running-config file is stored in RAM, the contents of this file will be lost during a power-cycle. To save the contents of the running-config to the startup-config file: Switch# copy run start Catalyst switches additionally employ the following configuration and diagnostic files, all stored in Flash memory: • vlan.dat • system_env_vars • crashinfo The vlan.dat file contains a list all created VLANs, and includes any VTP specific information. The vlan.dat file does not contain information on interface-to-VLAN assignments (which is stored in the startup-config). The system_env_vars file contains environmental information specific to the Catalyst switch, including serial/model numbers and MAC addresses. The crashinfo file contains memory-dump information about previous switch failures. To delete all files in flash: Switch# erase flash: To delete a specific file in flash: Switch# erase flash:FILENAME To delete a specific file in flash: Switch# format flash: To upload an IOS image file from a TFTP server to flash: Switch# copy tftp: flash:FILENAME
  • 7. Basic Switch Management v1.21 – Aaron Balchunas * * * All original material copyright © 2007 by Aaron Balchunas (aaron@routeralley.com), unless otherwise noted. All other material copyright © of their respective owners. This material may be copied and used freely, but may not be altered or sold without the expressed written consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com. 7 Configuring Telnet Access on Catalyst Switches Recall the two requirements to configure a Catalyst switch for VTY access: • An IP address must be configured on the Management VLAN (by default, this is VLAN 1) • At least one VTY port must be configured with a password. Configuring passwords on VTY lines was covered previously: Switch(config)# line vty 0 15 Switch(config-line)# login Switch(config-line)# password cisco1234 To assign an IP address to the Management VLAN: Switch(config)# interface vlan 1 Switch(config-if)# ip address 192.168.123.151 255.255.255.0 Switch(config-if)# no shut