Basic cisco switch configuration☝🏾
Here we will use the commands mentioned previously in the last story to configure our first equipment which will be the switch.
some points that will we cover:
.check running config
.configure Management interface and ip
.configure line Vty (telnet) and console
.create a user
.create enable password
.check mac address table
.observe how the switch operates
.save the configuration (running to startup)
*check running config
Go to packet tracer, take two pcs and a switch. One thing that you need to know when you want to connect to a switch on packet tracer, no need to turn it on or configure it first, the ports are already open.
Startup-config(NVRAM) VS Running-config(RAM)🤨:
the startup-config is the configuration which is saved in the NVRAM (non-volatile random access memory) so the information saved there remains maintained even after a power cut or a bug; It becomes the running-config when the equipment starts up by loading the informations contained in the NVRAM into the RAM. The difference between these two terms comes from the fact that the configurations made when the equipment is running remain in the running-config and can be erased or lost after a power cut or a bug. the ideal would be to save them in startup-config if we have made important configurations or commands.😉
after i will show how to save the running-config into the startup-config;
- first look about the running-config
type “show running-config or do show running-config” it depends if you are in enable mode or configure terminal mode, you have talked about it previously .
“ show running-config”
here we notice that all our interfaces are empty, the are not configurated.
we observe here the interface vlan1 which is not set ,it has no ip addres and his interface is shutdown. we will talk briefly about VLAN after.
Our startup-config is empty , we will see after the first save.
Let’s look deep in the NVRAM
not surprise 🥱 that the nvram is empty because this is the memory of startup-config it’s logic
Save running-config into startup-config:
“copy running-config sta + Tab +enter”
“copy running-config startup-config +enter”
now look in the NVRAM if the file is created, just little verification🙄!!
Ahhh!! nice😀the file have been created; this means that I have my startup config which was created and now even if I reboot my device the configurations previously made in running-config are saved.
The next time I turn on my equipment I will have my previous configurations in the running-config because they will be loaded from the startup-config but the new configurations made in running-conf will not be saved in the startup-config we have to saved them again so as not to lose them.
Here we will briefly talk about what a VLAN is,
VLAN (virtual local area network), it is just a way of dividing a local network into several virtual networks within the same switch, without forgetting that each switch comes with a default virtual network which is called VLAN1. We will discuss this in depth later.
“show vlan brief” or
“do show vlan brief”
you will see that all these interfaces belong to vlan 1 by default and we have 4 other vlans which are compatibility vlans we do not use them. The only vlan used is vlan1 so this is how we look at the vlans.
*configure Management interface and ip
If you want to check the different interfaces, type the command: “show ip interfaces or do show ip interfaces”
GigaEthernet:1000mb/s or 1Gb/s
The vlan1 is a virtual interface which help you to manage the default vlan1 in your device(assigned ip address, change the status…). if you look attentively you will see that it is only the vlan1 interface that you can administratively down or up with the command “shutdown or no shutdown” the other interfaces are automaticaly up when they are connected to another interface.
“configure terminal” + enter and type : hostname +xxxxx +enter
*check mac address table
the mac addres table is empty because the device haven’t start to communicate each other.
Now you will configure this local network before look the mac address table after the first ping.
-assigned an ip address for each device
ping a device using his ip address is like send a message to this device, is the better way to communicate with a device
when the devices start pinging both of them , the mac-address-table start record the different mac-address in his local network.
*configure Management interface and ip
configure a management interface who will able to acces to the switch if you are not directly connected to them.
1-assigned and ip address to the switch
“configure terminal” +enter
“interface vlan1” + enter
“ip address x.x.x.x x.x.x.x”+enter
ok now let’s ping the switch thanks to his ip”10.0.0.3" from the pc0"10.0.0.1"
and see what happens.
🙋🏾♂️because you forgot to change the protocol, state down to state up ahh😀nice, you have seen it previously.
i want to notice that we have a command who able you to ping a device forever without interruption. the call it “ping-t” (ping extended).
exemple: i will ping-t the pc0 and after i will shutdown his interface and we will observe the difference.
1-make a ping-t to reach the pc0
2-shutdown the interface of the pc0 which is connected to the switch
3-after shutdown the interface of the pc0
4-now type “no shutdown” the interface to see what happens
*configure line Vty (telnet) and console
vty line is the connection that will we use if you want to connect you remotely to a device.
type “show users” to see which user is configured and which line will he use to connect remotely to our switch.
They are many types of lines: console (con) and virtual terminal and there are 16 connections lines from 0 to 15 for the vty lines
.configure our first user who will able to acces remotely to the switch using one of the 16 vty lines :
type ‘line vty 0 15’
type ‘transport ?’ , you need and input connection to access remotely
type ‘transport input ?’
type ‘transport input telnet’
. tell how to authantificate
type the command “login ?”
type the command “login local” thanks to this, it will authenticate the users registered in the switch database, so you have to register a user in the database of the switch.
- create a user
*create enable password
create an enable password to be able to go to the privileged mode when you access to the switch remotely
Now access the switch using telnet connection from pc0
- let’s type show users
you have two users connected to the switch at the same time(console 0 and vty 0), do’nt forget that you can have 16 users connect to the switch at the same time.