What Type Of Information Register In A Cisco Switch

How to Configure Cisco Switch: A Stride-by-Step Guide with Commands

Configuring a Cisco switch properly ways your network tin make connections efficiently. In this footstep-past-step guide, we walk you lot through configuring Cisco switches and expect at some FAQs.

When we retrieve of connectivity in a network, the router is probably the outset device that comes to mind, but switches play a vital office in enabling network devices to communicate.

Switches tin can have incoming/outgoing traffic and pass it onward toward its final destination. Cisco is one of the most well-known switch vendors on the marketplace and in this commodity, we're going to look at how to configure Cisco switches with PuTTY and from the command-line.

Getting Started with Cisco Switch Commands

Before we begin, get to know what hardware you're using, fire upwardly your CLI and download PuTTY.

The offset stride is to check what hardware you lot're using before yous brainstorm. If y'all're using a Cisco switch yous need to know what model you have. You also want to check the physical state of the device and verify that none of the cables are damaged. You can turn the router on to make sure in that location is no damage to the lighting/indicators.

Now that you've made sure the device is in working social club you lot're ready to start configuring. In this guide, nosotros're going to perform a Cisco switch configuration through the command-line interface (CLI) with the open-source SSH/Telnet client PuTTY (although yous can utilise another tool if yous prefer). If for any reason putty is not an option for your setup, you tin can get similar results with a PuTTY culling.

1. Connect the Switch to PuTTY

To showtime configuration, yous desire to connect the switch console to PuTTY. Y'all can do this by doing the post-obit:

1. Connect the switch to PuTTY with a 9-pivot series cable.
2. Now open up PuTTY and the PuTTY Configuration window will brandish. Go to the Connexion blazon settings and check the Series option (shown beneath).
   
3. Go to the Category listing department on the left-hand side and select the Serial option.
4. When the options controlling local series lines page displays enter the COM port your network is connected to in the Series line to connect to box eastward.g. COM1.
5. Next, enter the digital manual speed of your switch model. For 300 and 500 Series Managed Switches, this is 115200.
6. Go to the Data bits field and enter 8.
7. Now go to the Stops bits field and enter 1.
8. Click on the Parity driblet-down bill of fare and select the None option.
9. Go to the Flow Command drop-down menu and select the None option.

Salve Your Settings and Start the PuTTY CLI

To save your PuTTY settings for your next session do the post-obit:

1. Click on the Session option from the Category list on the left-hand side of the folio.
   
2. Go to the Saved Session field and enter a name for your settings eastward.yard. Comparitech.
3. Click the Save push button to shop the settings.
4. Printing the Open button at the lesser of the page to launch the CLI.

The following message will brandish in the command prompt:

          Switch>        

ii. Enter Privileged EXEC Mode and Set a Hostname for the Switch

Type in the enable control to enter privileged EXEC fashion (you don't need a password at this phase considering y'all're under the default configurations which don't have one!):

          Enable        

Next, enter Global Configuration Mode and enter the following command:

          Switch# configure terminal          Switch(config)#        

You can brand the switch easier to locate in the network by assigning a hostname. Enter the post-obit command to assign a hostname:

          Switch(config)# hostname access-switch1          admission-switch1(config)#1        

3. Assign a Password to the Switch

One time you've assigned a hostname you volition desire to create a password to control who has access to the privileged EXEC style (to prevent everyone from being able to log in). To assign an administrator password to enter the following command:

          access-switch1(config)# enable secret COMPARI7ECH        

Remember to selection a potent password and then that it's harder to effigy out.

4. Configure Telnet and Panel Access Passwords

The next step is to configure passwords for Telnet and panel access. Configuring passwords for these is important considering it makes your switch more secure. If someone without say-so gains telnet admission then it puts your network at serious risk. Yous can configure passwords by entering the post-obit lines (Meet the top paragraph for Telnet and the bottom paragraph for Panel admission).

Telnet

          access-switch1(config)# line vty 0 xv          access-switch1(config-line)# countersign                                COMPARI7ECH                    access-switch1(config-line)# login          admission-switch1(config-line)# leave          access-switch1(config)#        

Console

          admission-switch1(config)# line panel 0          access-switch1(config-line)# countersign                                COMPARI7ECH                    access-switch1(config-line)# login          access-switch1(config-line)# exit          admission-switch1(config)#        

5. Configure IP Addresses With Telnet Access

The adjacent step is to decide which IP addresses volition have access to Telnet, and add them with the PuTTY CLI. To select permitted IP'southward enter the following control (supplant the listed IPs with the IPs of the components you want to grant permission to):

          admission-switch1(config)# ip access-list standard TELNET-ACCESS          admission-switch1(config-std-nacl)# permit 216.174.200.21          access-switch1(config-std-nacl)# let 216.174.200.21          admission-switch1(config-std-nacl)# exit        

Y'all can also configure your network's access control lists (ACLs) to virtual concluding (VTY) lines. ACLs ensure that simply the administrator can connect to the router through Telnet.

          access-switch1(config)# line vty 0 15          access-switch1(config-line)# access-course TELNET-Access in          access-switch1(config-line)# go out          access-switch1(config)#        

6. Configure a Network Management IP address (or Management Interface)

Adjacent, you need to configure a network direction IP address. Switches don't come with an IP accost by default, meaning that you can't connect to it with Telnet or SSH. To solve this problem you can select a virtual LAN(VLAN) on the switch and create a virtual interface with an IP accost. You can do this by entering the following command:

          access-switch1(config)# interface vlan 1          access-switch1(config-if)# ip address 10.1.1.200 255.255.255.0          access-switch1(config-if)# get out          access-switch1(config)#        

The new IP management address is located in VLAN1, which other computers will now use to connect.

7. Assign a Default Gateway to the Switch

At this stage, you want to assign a default gateway to the switch. The default gateway is essentially the address of the router that the switch volition be communicating with. If you don't configure a default gateway and so VLAN1 will exist unable to send traffic to another network. To assign the default gateway, enter the command below (change the IP accost to that of your router).

          access-switch1(config)# ip default-gateway 10.one.1.254        

8. Disable Unused Open Ports

Equally a best practice, it is a good thought to disable any unused open up ports on the switch. Cyber-criminals often use unsecured ports every bit a way to breach a network. Closing these ports down reduces the number of entry points into your network and makes your switch more secure. Enter the range of ports you want to close by entering the following control (yous would change 0/25-48 to the ports that yous want to close):

          access-switch1(config)# interface range fe 0/25-48          admission-switch1(config-if-range)# shutdown          admission-switch1(config-if-range)# exit          admission-switch1(config)#        

9. Save Your Organisation Configuration Settings

In one case you've finished configuring the router information technology'due south time to save your system configuration. Saving the configuration volition make sure that your settings are the same when you open up up your next session. To save enter the following command:

          access-switch1(config)# exit            access-switch1# wr                  

Always retrieve to save any changes to your settings before closing the CLI.

x. Configure NetFlow to Manage Your Cisco Switch (Optional)

It is also a good idea to use a network traffic analyzer to monitor network traffic. Every bit a Cisco device, your switch volition have the communication protocol NetFlow. However, it must be configured outset. You tin configure NetFlow by completing the four steps beneath. Earlier we begin, enter Global Configuration Fashion by executing the post-obit command:

          Switch# configure terminal        

Create a flow record

1. The first step is to create a flow record (you lot tin change the name). You tin can do this by entering the following command:

                 #flow record Comparitechrecord            

2. After you've entered the previous command you need to set the IPv4 source address, IPv4 destination address, iPv4 protocol, transport source-port, ship destination-port, IPv4 dos, interface input, and interface output. Y'all can do this by entering the following command:

                 Switch# lucifer ipv4 source accost              Switch# match ipv4 destination address              Switch# match ipv4 protocol              Switch# match transport source-port              Switch# friction match transport destination-port              Switch# match ipv4 tos              Switch# match interface input              Switch# collect interface output            

3. To finish configuring the flow record and define the type of data you're going to collect, enter the following switch configuration commands:

                 Switch# collect interface output              Switch# collect counter bytes              Switch# collect counter packets              Switch# collect timestamp sys-uptime first              Switch# collect timestamp sys-uptime last            

Create the Catamenia Exporter

1. You lot must at present create the flow exporter to store the information that you desire to consign to an external network analyzer. The beginning footstep is to name the flow exporter:

                 Switch# flow exporter Comparitechexport            

2. Enter the IP address of the server your network analyzer is on (Change the IP accost):

                 Switch# destination 117.156.45.241            

3. Configure the interface that you desire to export packets with:

                 Switch# destination source gigabitEthernet 0/one            

4. Configure the port that the software agent volition use to listen for network packets:

                 Switch# transport UDP 2055            

5. Prepare the blazon of protocol data that you're going to consign by entering this control:

                 Switch# consign-protocol netflow-v9            

6. To brand sure there are no gaps in when flow data is sent enter the following control:

                 Switch# template data timeout 60            

Create a Flow Monitor

1. Once you lot've configured the menstruum exporter information technology is time to create the period monitor. Create the menstruum monitor with the following command:<

                 Switch# flow monitor Comparitechmonitor            

2. Associate the flow monitor with the flow record and exporter we configured earlier:

                 Switch# record Comparitechrecord            

                 Switch# exporter Comparitechexport            

3. To brand sure that period information is collected and normalized without a delay, enter the following command:

                 Switch# enshroud timeout active 60            

                 Switch# cache timeout inactive 15            

4. Enter the exit command:

                 Switch# exit            

5. Yous need to input the interfaces that volition collect the NetFlow data. If this is an ethernet interface you would enter the following:

                 Switch# interface gigabitEthernet 0/i            

6. Use the following control to configure NetFlow on multiple interfaces (the input control will withal collect data in both directions):

                 Switch# ip flow monitor Comparitechmonitor input            

7. If you lot want to collect NetFlow data on but one interface then you must use the input and output control. And so you would enter the following:

                 Switch# ip flow monitor Comparitechmonitor input            

                 Switch# ip menses monitor Comparitechmonitor output            

8. Exit configuration manner by entering the following command:

                 Switch# exit            

9. Save your settings to cease.

Configure a Cisco Switch for Peace of Mind!

Completing simple tasks like configuring passwords and creating network access lists controls who can access the switch can enable you to stay secure online. Incomplete or incorrect configurations are a vulnerability that attackers can exploit.

Configuring a Cisco switch is only one-half the battle, yous also have to regularly monitor its status. Any performance bug with your switch can have a substantial affect on your users.

Using a network monitoring tool and network analyzer can assist you to monitor switches remotely and review operation concerns. Taking the time out of your day to configure a switch and assign strong passwords gives you peace of mind so that you can communicate safely online.

Cisco Switch Configuration & Commands FAQs

How to configure a torso port on a Cisco 2960 switch?

To configure a trunk port on a Cisco 2960 switch:

1. Enter configuration mode:

configure terminal

2. Specify the port to utilise:

interface <interface-id>

3. Configure the port as a Layer 2 torso:

switchport mode {dynamic {automobile | desirable} | trunk}

These options mean:

• dynamic auto – The Default. Creates a trunk link if the neighboring interface is set to torso or desirable mode.
• dynamic desirable – Creates a trunk link if the neighboring interface is set to trunk, desirable, or auto mode.
• body – Sets the interface in permanent trunking style.

4. Specify a default VLAN to use for back up. This is optional:

switchport access vlan <vlan-id>

5. Specify the native VLAN:

switchport body native vlan <vlan-id>

6. Leave the config mode:

cease

How do I set a static IP on a Cisco switch?

A problem with the GUI interface of Cisco switches makes it impossible to assign a static IP address to an interface. Follow these steps for a workaround:

1. Create a text file on your PC. It doesn't affair where you save it or what you telephone call it, but make certain you remember where information technology is. Substitute real values for the tokens shown in bending brackets (<>) below. The text in the file should be:

Config t Interface <VLAN ID> No ip address DHCP Y No ip address <erstwhile IP accost> IP address <new IP address> <subnet mask> Leave IP default-gateway <gateway IP address>

2. Access the admin menu of the switch for Switch Management.
3. In the card, click on Administration, then File Management, and then select File Operations.
4. In the File Operations screen, set the following:

• Operation Type: Update File
• Destination File Type: Running Configuration
• Copy Method: HTTP/HTTPS
• File Name: (Browse to select the file you created on your PC).

5. Click on Employ.

These steps volition create a static IP address, which yous can check by going from the main card to IP Configuration > IPv4 Interface.

Do I have to configure a Cisco switch before it gets to piece of work?

No. The typical Cisco switch is ready to go out-of-the-box. However, you might want to change some parameters to customize its operations.

What Type Of Information Register In A Cisco Switch,

Source: https://www.comparitech.com/net-admin/configure-cisco-switches/

Posted by: wrendrithad.blogspot.com

Share this post