In a Network hierarchy, the Switch is next in line after the router. No wonder they are often integrated in the sense that there are single devices that can perform both the function of a switch and a router at the same time. The switch functions are layer 2 of the OSI model while the router which I talked about in my previous post https://www.hdm-afriglobal.net/post/how-to-configure-the-basics-in-cisco-routers" functions at layer 3 of the OSI model but as I mentioned above there are switches that can perform the duties of a router known as layer 3 switching while there are routers that have integrated switch ports thus doing the job of both a router and a switch.
Today I will be sharing with you, commands to get your switch setup and working efficiently in your SOHO(Small Office Home Office) network. Assuming you have already set up your router and you have different devices that need to share the network, this is how you can configure a few things including security in your switch to get it running smooth and secured.
I made this particular post for the novice or the average user who just wants a small network set up easily and running without much need for much technical expertise. If you are a CCNA candidate, these articles might be helpful but I will recommend you go into a full course study guide. There are experienced professional tutors and Authors in the field such as Todd Lammle, Jeremy, etc. whom you can search online and get in touch with their full course guides. These I made here are just commands and does not contain a detailed understanding of how the network functions. but this should probably help you if you just want to get things configured quickly. If you are not interested in this literature, you can quickly scroll down to the COMMAND LINE INTERFACE and figure out how to do what you want to do and don't forget to leave your comment or subscribe for future posts. Just for the knowledge of it, there are different types of Cisco switches. Depending on an organization's need, they are built to perform in accordance with the size of an establishment providing high performance and Process capacity. So an Engineer can determine which is the best fit for a company, organization, Corporation or an Industry according to their line of business and needs: There is the Catalyst series 9400, 9300, 9200 (these are the latest releases), 3850, 3650 and 2960 X/XR for LAN Access Switching. Catalyst 3560-CX, 2960-L and, Meraki MS120 -8 for LAN Digital Building Switches. Catalyst 9500, 9400, 6800, Nexus 7000 and Meraki MS400 series for LAN Core and distribution switches. Nexus 9000, 7000 and 3000 series for data center switches. Nexus 9500, 9300 series for Cloud-Scale Datacenter Switches. Cisco MDS 9700, 9200, 9100 for Storage Networking. Cisco IE5000, IE4000, Cisco catalyst IE3400, IE3300, IE3200 Rugged series for Industrial Ethernet Switches. 550X Series, 350X Series stackable managed switches, 250 series smart Switches and 110 Series Unmanaged Switches for Small Size Business switch. All mentioned is just a summary of the different Cisco Switches according to their processing power and capabilities to handle heavy tasks according to the needs of different users, companies, organizations, and industries So let's begin with some commands to successfully set up your switch. Note each switch port contains a separate collision domain, unlike hubs which are not popular or perhaps even in extinction for networks nowadays
THE COMMAND LINE INTERFACE: The interface below used the teraterm terminal program. nowadays a lot of people go with putty. you can easily download it from putty.org
Like all Cisco devices running the IOS (Internetwork Operating System), They always boot and startup in the User or exec mode, and the switch is no different from the router who also has three modes for configuration i.e User mode, Privilege mode, and the Global Config mode. Remember key configurations are done in the Global config mode and privileged mode for the most show command
You are in the USER MODE
= TO ACCESS THE PRIVILEGE MODE: Type Enter or En
= TO ACCESS THE GLOBAL CONFIG MODE: Type Config terminal or Config t
= TO NAME YOUR SWITCH: type Hostname xx [enter] x is the name you want to give your switch
= TO SET UP A BANNER: type Banner motd (a delimiting character e.g @, x, %, & etc) Banner message e.g (unauthorized Access Restricted) Same delimiting character. this is an example of a banner command =
Banner motd @ UNAUTHORISED ACCESS RESTRICTED @
= TO SAVE CONFIGURATIONS[privilege mode] Copy running-config{space}Startup-config
= TO VIEW SAVE CONFIGURATIONS[privilege mode] Show startup-config
= TO VIEW RUNNING CONFIGURATIONS[privilege mode] show running-config
= TO SETUP A TIME LAPSE BEFORE THE SWITCH LOGS OUT WHEN IDLE: Type
Line Con 0 [enter]
exec-timeout mm{space}ss (mm is minutes and ss is seconds)
=TO GIVE THE SWITCH AN IP ADDRESS:(global config mode) type
Interface Vlan 1 [enter]
ip address x.x.x.x subnet mask [enter] x.x.x.x is your 32 bit ip address or 4 octet address
no shutdown
= TO ASSIGN A DEFAULT GATEWAY ADDRESS TO A SWITCH: Type
ip default-gateway x.x.x.x [enter] (x.x.x.x is the router's ip address)
ip default-network x.x.x.x [enter] (x.x.x.x is the network address)
= TO ACTIVATE STATUS REPORTS FROM ALL CONNECTIONS: (privilege mode) type
Terminal monitor
= TO KEEP STATUS MESSAGES FROM INTERRUPTING YOUR TYPING COMMANDS:
Line Console 0 [enter]
logging synchronous [enter]
= TO SETUP SSH: (Global config mode) type
Username xxx password xxx [enter] x is your user name and password respectively
IP domain-name www.xxxx.com [enter] put your domain name e.g www.shanyelson.com
crypto key generate rsa [enter]
512 or 1024[ Enter] (choose between 512bits or 1024 bits}
ip ssh version 2 [enter]
line vty 0 4 [enter]
transport input ssh [enter] NOTE: in some switches, you may have to type but
transport input telnet ssh
Also, note you can't successfully configure SSH without setting a hostname for your router
=TO COMPLETE ENCRYPT ALL SET PASSWORDS: TYPE
Service password-encryption [enter]
= TO EXIT ONE STEP OUT OF A CONFIGURATION: simply type EXIT
= TO EXIT OUT OF ONE MODE TOTALLY: simply type END
= TO SECURE THE PRIVILEGE MODE: Type Enable secret xxx( X is your password)
=TO SECURE THE CONSOLE PORT: type
Line Con 0 [enter]
password xx (x is your password) [enter]
Login
=TO SECURE THE VTY PORT: TYPE
Line vty 0 4 ( the range depends on your number of vty ports that you wish to secure
password xx (x is the name of your password)
Login
= TO SETUP PORT SECURITY, FOR MAC ADDRESS SPECIFICALLY:(global config mode)
GO to the port interface e.g
interface FastEthernet x/x [enter] x/x is the port number on the switch
switchport mode Access [enter]
switchport port-security [enter]
switchport port-security maximum x [enter] x is the number of trial attempts a user may make
switchport port-security violation shutdown [enter] choose between protect, restrict or shutdown
switchport port-security mac-address sticky
= TO CONFIGURE A RANGE OF PORTS FOR ONE COMMAND: Use the interface range command, for example, Interface range fa0/1 - 20
This will issue the command for this range of ports rather than going individually to configure each port which might just be waste of too much time.
= TO SETUP TRUNK PORTS: (global config mode) go to the port interface.
Interface FastEthernet x/x [enter] (x/x is the port number on the switch)
Switchport mode trunk [enter]
For some switches, probably older switches the command will be different and will be like this
Interface FastEthernet x/x [enter] (x/x is the port number on the switch)
Switchport trunk encapsulation dot1q [enter]
switchport mode trunk
= TO SET UP VLANs (global config mode): type
Vlan xx [enter] (xx is the VLAN number which ranges from 1 - 10005 or more)
name xxx [enter] (xxx is the name you want to give your created vlan e'g marketing, sales etc)
= TO ASSIGN PORT TO VLANs (global config mode) go to the port interface or use the port interface range command if you want to assign multiple switch ports to the same VLAN. e.g
Interface FastEthernet x/x [enter] (x/x is the port number on the switch)
Switchport access vlan xx [enter] xx is the vlan number you created.
To remove any command, Type NO before the command for example if you do not want rip to continue running you can go to global config and type NO router rip. NO negates any command. So this wraps up the basic commands and configurations for your switch if you just want the simple things to do on your switch and get it running then this is just best for you. Feel free to leave your comments and if you face difficulties while configuring, you can also drop them in the comments section. Note that these are basic configurations, I will prepare advanced configurations including layer three switching commands and subinterface commands for VLAN interfaces and routing. My next post will be some Advanced configurations for both switches and routers. There are also a series of show commands like the few I mentioned below. I am going to be updating the list as well but most probably in the next post which will be the Advanced Configurations. Thank you for reading Show version in the privilege mode and you can see that. There are a host of other show commands and all these show commands are done in the privilege mode. show cdp neighbors = to see directly connected devices Show cdp neighbor detail = To see full details of directly connected devices
Find a small switch you can practice configurations at home or perhaps use it for your business here https://amzn.to/39Nlc4w
댓글