Lab – Configuring Basic Switch Settings

Cisco Packet Tracer

Topology

Addressing Table

Step 1: Verify the default switch configuration.

  • Assuming the switch had no configuration file stored in nonvolatile random-access memory (NVRAM), you will be at the user EXEC mode prompt on the switch with a prompt of Switch>. Use the enable command to enter privileged EXEC mode.

Switch>
Switch>enable
Switch#
  • Examine the current running configuration file.

Switch#show running-config 
Building configuration...

Current configuration : 1043 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
!
!
spanning-tree mode pvst
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
!
!
!
line con 0
!
line vty 0 4
 login
line vty 5 15
 login
!
!
end


Switch#

How many FastEthernet interfaces does a 2960 switch have? 24

How many Gigabit Ethernet interfaces does a 2960 switch have? 2

What is the range of values shown for the vty lines? 0-15

  • Examine the startup configuration file in NVRAM.

Switch#show startup-config 
startup-config is not present
Switch#

Why does this message appear? Nothing yet has been saved to NVRAM.

  • Examine the characteristics of the SVI for VLAN 1.

Switch#show interfaces vlan 1
Vlan1 is administratively down, line protocol is down
  Hardware is CPU Interface, address is 0010.1157.a826 (bia 0010.1157.a826)
  MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 21:40:21, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     1682 packets input, 530955 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicast)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     563859 packets output, 0 bytes, 0 underruns
     0 output errors, 23 interface resets
     0 output buffer failures, 0 output buffers swapped out
Switch#

Is there an IP address assigned to VLAN 1? No

Examine the IP properties of the SVI VLAN 1. 0010.1157.a826

Is this interface up? Cisco switches have the no shutdown command configured by default on VLAN 1, but VLAN 1 won’t reach the up/up state until a port is assigned to it and this port is also up. If there is no port in the up state in VLAN 1, then the VLAN 1 interface will be up, line protocol down. By default, all ports are assigned initially to VLAN 1.

  • Examine the Cisco IOS version information of the switch.

Switch#show version 
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(25)FX, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 12-Oct-05 22:05 by pt_team

ROM: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)FX, RELEASE SOFTWARE (fc4)

System returned to ROM by power-on

Cisco WS-C2960-24TT (RC32300) processor (revision C0) with 21039K bytes of memory.


24 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

63488K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : 0010.1157.A826
Motherboard assembly number     : 73-9832-06
Power supply part number        : 341-0097-02
Motherboard serial number       : FOC103248MJ
Power supply serial number      : DCA102133JA
Model revision number           : B0
Motherboard revision number     : C0
Model number                    : WS-C2960-24TT
System serial number            : FOC1033Z1EY
Top Assembly Part Number        : 800-26671-02
Top Assembly Revision Number    : B0
Version ID                      : V02
CLEI Code Number                : COM3K00BRA
Hardware Board Revision Number  : 0x01


Switch   Ports  Model              SW Version              SW Image
------   -----  -----              ----------              ----------
*    1   26     WS-C2960-24TT      12.2                    C2960-LANBASE-M

Configuration register is 0xF

Switch#

What is the Cisco IOS version that the switch is running? 12.2

What is the base MAC address of this switch? 0010.1157.A826

  • Examine the default properties of the FastEthernet interface used by PC.

Switch#show interfaces fastEthernet 0/6
FastEthernet0/6 is up, line protocol is up (connected)
  Hardware is Lance, address is 0001.977d.3506 (bia 0001.977d.3506)
 BW 100000 Kbit, DLY 1000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s
  input flow-control is off, output flow-control is off
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:08, output 00:00:05, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue :0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     956 packets input, 193351 bytes, 0 no buffer
     Received 956 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     2357 packets output, 263570 bytes, 0 underruns
     0 output errors, 0 collisions, 10 interface resets
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out
Switch#

Is the interface up or down? It should be up unless there is a cabling problem.

What event would make an interface go up? Connecting a host or other device.

What is the MAC address of the interface? 0001.977d.3506 .

What is the speed and duplex setting of the interface? Full-duplex, 100Mb/s .

  • Examine the default VLAN settings of the switch.

Switch>show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gig0/1, Gig0/2
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0   
1003 tr    101003     1500  -      -      -        -    -        0      0   
1004 fdnet 101004     1500  -      -      -        ieee -        0      0   
1005 trnet 101005     1500  -      -      -        ibm  -        0      0   

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------
Switch>

What is the default name of VLAN 1? default

Which ports are in this VLAN? all ports; Fa0/1 – Fa0/24; Gi0/1, Gi0/2

Is VLAN 1 active? Yes

  • Examine flash memory.

Switch#show flash:
Directory of flash:/

    1  -rw-     4414921          <no date>  c2960-lanbase-mz.122-25.FX.bin

64016384 bytes total (59601463 bytes free)
Switch#dir flash:
Directory of flash:/

    1  -rw-     4414921          <no date>  c2960-lanbase-mz.122-25.FX.bin

64016384 bytes total (59601463 bytes free)
Switch#

What is the filename of the Cisco IOS image? c2960-lanbase-mz.122-25.FX.bin

Step 2: Configure Basic Network Device Settings

  • Assign the switch hostname.

Switch>
Switch>enable 
Switch#configure terminal 
Switch(config)#hostname SW
SW(config)#
  • Configure password encryption.

SW(config)#service password-encryption
SW(config)#
  • Assign class as the secret password for privileged EXEC mode access.

SW(config)#enable secret class
SW(config)#
  • Prevent unwanted DNS lookups.

SW(config)#no ip domain-lookup 
SW(config)#
  • Configure a MOTD banner.

SW(config)#banner motd #
Enter TEXT message.  End with the character '#'.
Unauthorized access is strictly prohibited. #

SW(config)#

Which shortcut keys are used to go directly from global configuration mode to privileged EXEC mode? Ctrl-Z

  • Enter global configuration mode to set the SVI IP address of the switch.First, create the new VLAN 99 on the switch. Then set the IP address of the switch to 192.168.1.2 with a subnet mask of 255.255.255.0 on the internal virtual interface VLAN 99.

SW#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
SW(config)#vlan 99
SW(config-vlan)#exit
SW(config)#interface vlan 99
SW(config-if)#
%LINK-5-CHANGED: Interface Vlan99, changed state to up

SW(config-if)#ip address 192.168.1.2 255.255.255.0
SW(config-if)#no shutdown 
SW(config-if)#exit
SW(config)#

Notice that the VLAN 99 interface is in the down state even though you entered the no shutdown command. The interface is currently down because no switch ports are assigned to VLAN 99.

  • Assign all user ports to

    • 255.255.255.0

    .

SW(config)#interface range fastEthernet 0/1-24, gigabitEthernet 0/1-2
SW(config-if-range)#switchport mode access 
SW(config-if-range)#switchport access vlan 99
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to up

SW(config-if-range)#exit
SW(config)#
  • Issue show vlan brief command to verify that all the user ports are in VLAN 99.

SW#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    
99   VLAN0099                         active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gig0/1, Gig0/2
1002 fddi-default                     act/unsup 
1003 token-ring-default               act/unsup 
1004 fddinet-default                  act/unsup 
1005 trnet-default                    act/unsup 

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
99   enet  100099     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0   
1003 tr    101003     1500  -      -      -        -    -        0      0   
1004 fdnet 101004     1500  -      -      -        ieee -        0      0   
1005 trnet 101005     1500  -      -      -        ibm  -        0      0   

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------
SW#
  • Configure the IP default gateway for SW.

SW(config)#ip default-gateway 192.168.1.1
SW(config)#

If no default gateway is set, the switch cannot be managed from a remote network that is more than one router away.

  • Console port access should also be restricted. The default configuration is to allow all console connections with no password needed. To prevent console messages from interrupting commands, use the logging synchronous option.

SW(config)#line console ?
  <0-0>  First Line number
SW(config)#line console 0
SW(config-line)#password cisco
SW(config-line)#logging synchronous 
SW(config-line)#exit
SW(config)#
  • Configure the virtual terminal (vty) lines for the switch to allow Telnet access. If you do not configure a vty password, you are unable to telnet to the switch.

SW(config)#line vty 0 15
SW(config-line)#password cisco
SW(config-line)#login
SW(config-line)#end
SW#
  • Save the switch running configuration file.

SW#copy running-config startup-config 
Destination filename [startup-config]? 
Building configuration...
[OK]
SW#

Step 3: Configure an IP address on PC.

  1. Click the Windows Start icon > Control Panel.

  2. Click View By: and choose Small icons.

  3. Choose Network and Sharing Center > Change adapter settings.

  4. Select Local Area Network Connection, right click and choose Properties.

  5. Choose Internet Protocol Version 4 (TCP/IPv4) > Properties.

  6. Click the Use the following IP address radio button and enter the IP address and subnet mask.

Step 4: Test end-to-end connectivity with ping.

  • From the command prompt on PC, ping the SVI management address of SW.

PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Reply from 192.168.1.2: bytes=32 time=0ms TTL=255
Reply from 192.168.1.2: bytes=32 time=0ms TTL=255
Reply from 192.168.1.2: bytes=32 time=0ms TTL=255
Reply from 192.168.1.2: bytes=32 time=0ms TTL=255

Ping statistics for 192.168.1.2:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

PC>
  • From the SW Switch, ping your own PC address.

SW#ping 192.168.1.10

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/0 ms

SW#

Step 5 : Manage the MAC Address Table

  • Determine the MAC addresses that the switch has learned.

SW#show mac-address-table 
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

  99    00d0.ff0a.4a42    DYNAMIC     Fa0/6
SW#

How many dynamic addresses are there? 1

Does the dynamic MAC address match the PC-A MAC address? Yes

  • Display the MAC address table options.

SW#show mac-address-table ?
  dynamic     dynamic entry type
  interfaces  interface entry type
  static      static entry type
  <cr>
  • Issue the show mac address-table dynamic command to display only the MAC addresses that were learned dynamically.

SW#show mac-address-table dynamic 
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

  99    00d0.ff0a.4a42    DYNAMIC      Fa0/6
SW#
  • Clear the MAC address table.To remove the existing MAC addresses, use the clear mac address-table command from privileged EXEC mode.

SW#show mac-address-table 
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

  99    00d0.ff0a.4a42    DYNAMIC     Fa0/6

SW#clear mac address-table 
SW#show mac-address-table 
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

SW#
  • Set up a static MAC address on F0/6 using the address that was recorded for PC.

SW(config)#mac address-table ?
  static  static keyword
SW(config)#mac address-table static ?
  H.H.H  48 bit mac address
SW(config)#mac address-table static 00d0.ff0a.4a42 ?
  vlan  VLAN keyword
SW(config)#mac address-table static 00d0.ff0a.4a42 vlan 99 ?
  interface  interface
SW(config)#mac address-table static 00d0.ff0a.4a42 vlan 99 interface fastEthernet 0/6 ?
  <cr>
SW(config)#
  • Verify the MAC address table entries.

SW#show mac-address-table 
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----

  99    00d0.ff0a.4a42    STATIC      Fa0/6
SW#
  • Remove the static MAC entry. Enter global configuration mode and remove the command by putting a no in front of the command string.

SW(config)#no mac address-table static 00d0.ff0a.4a42 vlan 99 interface fastEthernet 0/6 
SW(config)#

Step 6: Initialize and reload the switch

  • Use the show flash command to determine if any VLANs have been created on the switch.

SW#show flash
Directory of flash:/

    1  -rw-     4414921          <no date>  c2960-lanbase-mz.122-25.FX.bin
    3  -rw-        2684          <no date>  config.text
    2  -rw-         616          <no date>  vlan.dat

64016384 bytes total (59598163 bytes free)
SW#
  • If the vlan.dat file was found in flash, then delete this file.

SW#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:/vlan.dat? [confirm]

SW#
  • Use the erase startup-config command to erase the startup configuration file from NVRAM. You are prompted to remove the configuration file. Press Enter to confirm.

SW#erase startup-config 
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
SW#
  • Reload the switch to remove any old configuration information from memory. You will then receive a prompt to confirm to reload the switch. Press Enter to proceed.

SW#reload
Proceed with reload? [confirm]

[ ... ]

Keywords :

Configuring Basic Switch Settings , CISCO , NVRAM , یاسر رحمتی , yaser rahmati , nonvolatile random-access memory , privileged EXEC mode , FastEthernet , interfaces , SVI , VLAN 1 , Cisco IOS , MAC address , default VLAN , hostname , password encryption , enable secret , MOTD , Ctrl-Z , configure terminal , 255.255.255.0 , logging synchronous , startup-config , end-to-end connectivity , ping , mac address-table , show flash

Last updated