Lab 2 Goals
• Connect to the switch using the console port
• Create a basic configuration
Lab Requirements
• PC
• Cisco console (rollover) cable
• Cisco Catalyst switch: 2950 or 2900-XL
The following lab assumes that the switch does not have a stored configuration (called startup-config). Connect to the console port and power on the switch. When the boot process is complete, the display should read:
Switch>
The following commands are used to display configuration and status information, and create a basic switch configuration. You should recognize changes in the prompt that occur as you progress through the exercise. Some of the following commands will produce more than one screen of display. The word “More” indicates that the display has more than one page. Use the Space Bar to advance the display one page or use the Enter key to advance one line. Practice using both the Space Bar and the Enter key to advance the display.
1. Switch> show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES manual down down
FastEthernet0/2 unassigned YES manual down down
FastEthernet0/3 unassigned YES manual down down
FastEthernet0/4 unassigned YES manual down down
FastEthernet0/5 unassigned YES manual down down
FastEthernet0/6 unassigned YES manual down down
FastEthernet0/7 unassigned YES manual down down
FastEthernet0/8 unassigned YES manual down down
FastEthernet0/9 unassigned YES manual down down
FastEthernet0/10 unassigned YES manual down down
FastEthernet0/11 unassigned YES manual down down
FastEthernet0/12 unassigned YES manual down down
Lines omitted
Vlan1 unassigned YES manual administratively down
2. Switch>enable
switch#
Notice the change in prompt when the enable command is used: #.
Before configuring the switch, it is important to recognize the default, or “factory” or “out-of-the-box” configuration. The following step will show the default configuration. The default configuration may change with a new IOS, and your switch may be slightly different. To display the active, or running configuration:
3. Switch# show running-config
Building configuration...
Current configuration : 1123 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
Lines omitted. Press the space bar to advance one screen, press Enter to advance one line.
interface Vlan1
no ip address
no ip route-cache
shutdown
!
ip http server
!
line con 0
line vty 5 15
The following commands will create a "basic configuration" for the switch. Text displayed in [brackets] is a variable, and can be any acceptable text (brackets should not be used in the configuration).
Most configuration commands are implemented immediately when the Enter key is pressed. This is easily seen with hostname command. The prompt changes as soon as Enter is pressed.
This exercise uses multiple passwords. Later, we will use the same password, but understand that the switch considers each password to be unique, even if the same value is used for each password.
● The enable password protects the switch from unauthorized changes
● The console password protects the switch from unauthorized console acccess.
●The vty password protects the switch from unauthorized telnet, or remote access.
4. Switch# configure terminal
5. Switch(config)# hostname [labsw1]
6. labsw1 (config)# enable password [pass1]
7. labsw1 (config)# line console 0
8. labsw1 (config-line) # password [pass3]
9. labsw1 (config-line) # login
10.labsw1 (config-line) # line vty 0 15
11.labsw1 (config-line) # password [pass4]
12.labsw1 (config-line) # login
It should be obvious what the password command does, but it is not so obvious what the login command does. The login command makes the password a requirement for the console. Without the login command, access could be granted without requiring a password.
Interface Configuration
The following commands are typical configuration commands for the Ethernet interfaces. Ethernet is used generically, and is the most common term used for these interfaces. Understand the interfaces used on your switch. The interfaces on the 2900-XL and the 2950 switches are Fast Ethernet.Technically:
• Ethernet means 10 Megabits per second and half duplex.
• Fast Ethernet means 100 Megabits per second and full duplex, but Fast Ethernet can also run 10 Megabits and half duplex.
• Gigabit Ethernet means 1,000 Megabits, or Gigabit, and full duplex. A Gibabit Ethernet interface will run all lower speeds, and both full and half duplex.
All Ethernet, FastEthernet, and Gigabit Ethernet interfaces will automatically synchronize speed and duplex with a device attached to the interface. However, configuring a speed and duplex on an interface disables automatic synchronization, forcing the interface to run only at the configured speed and duplex.
13. labsw1 (config-if) # interface FastEthernet 0/1
14. labsw1 (config-if) # description [Supported device]
15. labsw1 (config-if) # speed 100
16. labsw1 (config-if) # duplex full
17. labsw1 (config-if) # interface VLAN 1
18. labsw1 (config-if) # description [Management interface]
19. labsw1 (config-if) # ip address [192.168.1.75 255.255.255.0]
20. labsw1 (config-if) #no shutdown
The following message should be displayed after the “no shutdown” command has been entered:
00:37:24: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
(Exit configuration mode. Press Control key and Z simultaneously. Or use exit, exit)
21. labsw1 (config-if)# Crtl-Z
22. labsw1# show ip interface brief
Compare the status of interface VLAN 1 with the Step 1 display.
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES unset down down
FastEthernet0/2 unassigned YES unset down down
FastEthernet0/3 unassigned YES unset down down
Lines omitted
Vlan1 192.168.1.75 YES manual up down
The physical interfaces on the switch, Fast Ethernet 0/1-24, do not become active, or “up, up”, until an active, powered-on Ethernet device, such as a PC, is connected to it. Interface VLAN 1 is a logical (non-physical) interface used to manage the switch. The only purpose for interface VLAN 1 is to support a vty or a remote telnet connection. It has an ““up, down” status, not quite ready for use. The reason that the VLAN1 interface is not “up, up”, or completely functional, is that no physical path exists to provide access to the interface. None of physical interfaces are “up, up.” At least one interface must be “up, up” to provide a physical path to the switch.
A critical skill is to understand each interface status and to know how to correct an error status.
• “Up, up” status indicates that the interface is active and will transfer data.
• “Down, down” status indicates that the interface is not connected to a device, or the device has no power. Actually, “down, down” indicates the interface sees no power from another Ethernet device. If a device is connected to a “down, down” interface, it will activate, or go “up, up.”
• “Up, down” status indicates that the interface is not fully functional.
• “Administratively down” status indicates that the interface has been configured with “shutdown” to prevent it from being used to transfer data.
The display from Step 3 shows that interface VLAN 1 is configured with a "shutdown command, which results in the interface status of "administratively down". Think of "administratively down" as being shutdown by a network administrator. The "shutdown" was reversed by a no shutdown" configuration. The result is that interface VLAN 1 attempts to activate, but cannot.
In this lab, nothing has been connected to the Ethernet interfaces, so no interface provides a path into or out of the switch. Bringing up at least one of the physical interfaces will cause the physical interface and the VLAN 1 interface to change to ““up, up”. This can be accomplished by connecting a PC to one of the Ethernet interfaces. Connect a computer to interface Fast Ethernet 0/1, and use “show ip interface brief” command again to see the interface status changes.
(Packet Tracer requires that the Ethernet configurations of the computer match the switch interface configuration. In this lab, interface FastEthernet 0/1 has been configured for 100 Meg, full duplex. The interface of the computer must be configured the same for the port to go "up, up.": 100Meg, full duplex. In real life, modern computer Ethernet interfaces will auto-discover these values.)
Compare the displays from Step 1, Step 22 and Step 23.
23. labsw1# show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/1 unassigned YES unset up up
FastEthernet0/2 unassigned YES unset down down
FastEthernet0/3 unassigned YES unset down down
. (lines omitted)
Vlan1 192.168.1.75 YES manual up up
• In Step 1, Fast Ethernet 0/1 is "down, down" and interface VLAN 1 is "administratively down" because is configured as "shutdown."
• In Step 22, after the "no shutdown" configuration was made to interface VLAN 1 in Step 20, interface VLAN 1 is "up, down."
• In Step 23, after a computer is connected to interface Fast Ethernet 0/1, interface Fast Ethernet 0/1 is "up, up," and interface VLAN 1 is "up, up."
The display below shows the changes in the Fast Ethernet 0/1 configuration:
24. labsw1 # show interface FastEthernet 0/1
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 0009.43cb.3001 (bia 0009.43cb.3001)
Description: Supported device: PC 192.168.1.26
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 100BaseTX
input flow-control is unsupported output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:03, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
. (lines omitted)
Compare with the new switch configuration with the configuration from Step 2.
25. labsw1 # show running-config
Building configuration...
Current configuration : 1350 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname labsw1
!
enable password pass1
!
ip subnet-zero
.
(lines omitted)
.
interface FastEthernet0/1
description Supported device: PC 192.168.1.26
speed 100
duplex full
!
interface FastEthernet0/2
!
interface FastEthernet0/3
(Lines omitted>
!
interface Vlan1
description Management interface
ip address 192.168.1.75 255.255.255.0
no ip route-cache
!
ip http server
!
line con 0
password pass3
login
line vty 0 4
password pass4
login
line vty 5 15
password pass4
login
!
!
end
Save the configuration
The configuration must be saved if the configuration is to be used after a reload or power down/up. The command is entered from enable mode:
26. labsw1# copy running-config startup-config
More on configuration management later.
This ends Lab 2. This is a critical lab. It was titled “Basic Switch Configuration” because it will be used for all future Cisco equipment configurations (meaning that this is also the “Basic Router Configuration”, with a few changes). Memorizing and absorbing this information is critical. Review as much as required, and then review some more. You have fully grasped the information when you can complete all steps without this guide, and you know what each step does.
It is highly advisable that this lab be repeated many times. To repeat the lab, delete the saved configuration:
erase startup-config
Then power the switch off/on the switch to bring it up in the original default configuration. The switch can also be rebooted with the reload command. When prompted to save the configuration, reply “no”. Press enter to continue with the reload.
The before-and-after comparisons may seem tedious, but they are a critical skill. The CCNA exam will have questions that measure your ability to recognize configuration errors. Before you can identify a configuration mistake, you have to recognize a correct configuration. It can get even tougher in a network management position. Many times you have to compare two configurations and identify the problem. There is no substitute for understanding device configurations.
You may continue with the Lab 3 before powering the switch off or disconnecting the console cable.
