Scribd
Upload
8 views8 pages

Switch Configuration Lab Guide

This document outlines the objectives and tasks for a lab on switch configuration in a computer networks laboratory. It covers basic switch configuration methods, remote connection techniques, and step-by-step instructions for configuring a switch using both physical and remote access. Key tasks include verifying default switch configurations, enabling Telnet, securing access with passwords, and encrypting sensitive information.

Uploaded by

sabekaelhouni510
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
8 views8 pages

Switch Configuration Lab Guide

This document outlines the objectives and tasks for a lab on switch configuration in a computer networks laboratory. It covers basic switch configuration methods, remote connection techniques, and step-by-step instructions for configuring a switch using both physical and remote access. Key tasks include verifying default switch configurations, enabling Telnet, securing access with passwords, and encrypting sensitive information.

Uploaded by

sabekaelhouni510
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

FACULTY OF ENGINEERING

DEPARTMENT OF COMPUTER ENGINEERING


Computer Networks Laboratory (EC 431L)

Student Name:…………………… ………… Registration Number:……………………..

LAB 3: Switch Configuration

Objectives:
1. Learn basic switch configuration methods.
2. Learn how remotely connect to a switch.
3. Learn Configure a Basic Switch Configuration

Background:
.
When you're connecting to a Cisco router or switch, you're going to use one of two methods:

1. Physically connecting a laptop/PC to the switch or router


2. Connecting from a remote location via Telnet or SSH

The console port is a physical interface on the network device (e.g., router, switch) that allows
direct access for configuration and management.

VTY (Virtual Terminal Lines) lines are used when you connect remotely. They appear in the
configuration as line vty 0 4. That means you can have up to 5 simultaneous connections to this
device at one time.

Task 1: Verify the Default Switch Configuration

User EXEC Mode

User EXEC mode is the first level of access, where basic commands can be executed. The
prompt typically looks like this:

Switch >

1
Common Commands in User EXEC Mode:

ping: Test connectivity to another device.

traceroute: Trace the route packets take to a network host.

show version: Display the device's software version and hardware information.

show ip interface brief: Display a summary of the interface status and IP addresses.

telnet: Connect to another device using Telnet.

exit:

Privileged EXEC Mode

Privileged EXEC mode provides access to more advanced commands and configuration options

Switch #

Common Commands in Privileged EXEC Mode:

configure terminal: Enter global configuration mode to change device settings.

show running-config: Display the complete current configuration.

show startup-config: Display the configuration stored in NVRAM.

copy running-config startup-config: Save the current configuration to startup


configuration.

Step 1: Enter privileged EXEC mode.

You can access all switch commands from privileged EXEC mode. However, because many
of the privileged commands configure operating parameters, privileged access should be
password-protected to prevent unauthorized use.

The privileged EXEC command set includes those commands contained in user EXEC mode,
as well as the configure command through which access to the remaining command modes are
gained.

1. Click Switch and then the CLI tab. Press Enter.


2. Enter privileged EXEC mode by entering the enable command:

Switch> enable

2
Switch#

Notice that the prompt changed in the configuration to reflect privileged EXEC mode.
To display a comprehensive list of commands, enter a question mark (?) at the prompt.
Switch# ?
To return to user EXEC mode, enter the disable privileged EXEC command.

Step 2: Examine the current switch configuration.

1. Enter the show running-config command:

Switch# show running-config ; you can abbreviate as: Switch# show run

2. Answer the following questions:


a. How many Fast Ethernet interfaces does the switch have? ………..………….…
b. How many Gigabit Ethernet interfaces does the switch have? ………………….
c. What is the range of values shown for the vty lines? …………………..………..
d. Which command will display the current contents of non-volatile random-access
memory (NVRAM)? ………………………………………………………….
e. Why does the switch respond with startup-config is not present?…………….…
…………………………………………………………………………………….

Task 2: Configure a switch remotely

To enable telnet on Cisco switch, simply do it with “line vty” command.

Step 1: Enter privileged EXEC mode.

switch>enable

switch #

Step 2: Enter global configuration mode.

switch #configure terminal

switch (config)#
Enter configuration commands, line vty 0 . This line are used when you connect remotely
switch (config)# line vty 0

The “line vty” command enable the telnet and the “0″ is just let a single line or session to the
switch. If you need more session simultaneously, you must type “line vty 0 4“.

3
Step 4: Configure an EXEC mode password using the password command.
The “password” command set the “secret1” as password for telnet. You can set your own
password

switch (config-line)# password secret1 enable password secret1


switch (config-line)#login
switch (config-line)# exit

Step 5: Configure the VLAN 1 interface with the IP address

switch (config)#interface vlan 1


switch (config-if)# ip address [Link] [Link]

Step 6: activate interface by typing


switch (config-if)#no shutdown

Step 7: Use the end command to return to privileged EXEC mode.

switch (config-if)#end

switch#

Step 8: Save configuration using write command

switch# write ; you can abbreviate as: Switch# wr

Building configuration

[OK]

switch#

Step 9: Configure PC2 using Static IP Addressing

Global Settings:
 Be sure the configuration is set to Static
 Set the IP address to [Link]
 Set the Subnet Mask to [Link]

Step10: In the Command Prompt of PC2 type

PC2> telnet [Link]

4
Trying [Link] ………….open

User access verification

Password “ enter password”

Switch >

Switch > enable

Switch#

Task 3: Configure a Basic Switch Configuration by using line console 0

Step 1: Assign a name to a switch.

To configure parameters on a switch, you may be required to move between various


configuration modes.

Switch# configure terminal


Switch(config)# hostname Switch1
Switch1(config)# exit
Switch1#

Step 2: Secure access to the console line.

To secure access to the console line, access configure-line mode and set the console
password to secret1

Switch1# configure terminal


Enter configuration commands, one per line. End with CNTL/Z.

Switch1(config)# line console 0

Switch1(config-line)# password secret1

Switch1(config-line)# login
Switch1(config-line)# exit

Switch1(config)# exit

%SYS-5-CONFIG_I: Configured from console by console


Why is the login command required? In order for the password checking process to work, it
requires both the login and password commands.

Step 3: Verify that console access is secured.

5
Exit privileged mode to verify that the console port password is in effect.

Switch1# exit ; Switch con0 is now available

Press RETURN to get started.

User Access Verification Password: Switch1> ; enter password

Step 4: Secure privileged mode access. Set the enable password to secret2. This password
protects access to privileged mode.

This password will not grade as correct until after you encrypt it in Step 8.

Switch1> enable

Switch1# configure terminal

Switch1(config)# enable password secret2

Switch1(config)# exit

%SYS-5-CONFIG_I: Configured from console by console

Step 5: Verify that privileged mode access is secure.

1. Enter the exit command again to log out of the switch.

2. Press and you will now be asked for a password: User Access Verification Password.

3. The first password is the console password you configured for line con 0. Enter this
password to return to user EXEC mode.

4. Enter the command to access privileged mode.

5. Enter the second password you configured to protect privileged EXEC mode.
6. Verify your configurations by examining the contents of the running-configuration file:

Switch1# show running-config

Notice how the console and enable passwords are both in plain text. This could pose a
security risk if someone is looking over your shoulder.

Step 6: Configure an encrypted password to secure access to privileged mode.

The enable password should be replaced with the newer encrypted secret password using
the enable secret command.

6
Switch1# config t

Switch1(config)# enable secret secret3

Switch1(config)# exit

Switch1#

Note: The enable secret password overrides the enable password. If both are configured on
the switch, you must enter the enable secret password to enter privileged EXEC mode.

Step 7: Verify that the enable secret password is added to the configuration file.

1. Enter the show running-config command again to verify the new enable secret password
is configured.

2. What is displayed for the enable secret password?


$1$mERr$ILwq/b7kc.7X/ejA4Aosn0

Step 8: Encrypt the enable and console passwords. As you noticed in Step 7, the enable secret
password was encrypted, but the enable and console passwords were still in plain text.
We will now encrypt these plain text passwords using the service password-encryption
command.

Switch1# config t

Switch1(config)# service password-encryption

Switch1(config)# exit

If you configure any more passwords on the switch, will they be displayed in the
configuration file as plain text or in encrypted form? Explain. The service password-
encryption command encrypts all current and future passwords.

7
Command Modes Summary

You might also like