Sunday, October 4, 2015
Basic Cisco Switch config
***************************
Basic Cisco Switch Config
***************************
enable secret password
!
hostname name
!
line con 0
! 0 0 = idle timeout disabled (session never times out)
exec-timeout 0 0
login
!
line vty 0 15
exec-timeout 0 0
login
!
### Login Local ###
conf t
line vty 0 15
login local
end
!
conf t
username payo secret cisco1 <<<<<<<<< sha-256 (type 4) hash
username root password cisco2
ip domain-name example.com
crypto key generate rsa
1024
!
ip ssh version 2
end
!
*** verification ***
sh ip ssh
sh ssh
######## Hiding Passwords ########
service password-encryption
enable secret 5 (7) secret <<<< password!!!
*// do not use enable secret password pass
!
####### Banner ######
conf t
banner C
......................................
BANNER TEXT
.....................................
C
banner login C
text shown below the MOTD banner
C
banner exec C
banner appears after login - before enable
C
####### IP address #######
On a switch an IP address cannot be assigned to an interface - it is necessary to
!
conf t
interface vlan 1
ip address 192.168.1.200 255.255.255.0
no shutdown
exit
!
! in case of dhcp
int vlan 1
ip address dhcp
no shutdown
!
! IP address on an L2 switch can be bound to 1 int only
! when configuring need to choose which vlan
! will be assigned for management
! L3 switch is OK with multiple VLANs
!
ip default-gateway 192.168.1.1
!
do wr
end
********************* Verify IPv4 *****************************
sh dhcp lease
sh int vlan 1
sh ip default-gateway
CHECK IF:
state up/up
if you see IP configured
*** dynamic from DHCP / nothing if failed ***
************************************************************
###########################
Configure Switch Interface
###########################
conf t
int Fa0/1
duplex full
speed 100
description ** WAN Connection **
exit
!
interface range Fa0/11 - 15
description *** NO Connection ***
shutdown
exit
!
- config of both speed and duplex disables autonegotiation
********** VERIFY ************
sh int stat
sh int sum
sh int AAx/y
******************************
##################
PORT SECURITY
##################
enabled per port
each port has a maximum number of allowed MACs
if violated - by default shuts down all connections on the port
sticky saves the MACs from all interfaces in the config
!
conf t
int fa0/1
switchport mode access (switchport mode trunk)
switchport port-security
switchport port-security maximum xx
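!
Added example (not part of the original post): the port-security notes above carried through to sticky learning, an explicit violation mode, verification and recovery from err-disable. The interface Fa0/1 is reused from the post; the maximum of 2 and the 300-second recovery interval are assumed values for illustration.

```cisco
! Added example - numeric values are assumptions, adjust per port
conf t
interface Fa0/1
 ! port security needs a static mode (access or trunk), not dynamic
 switchport mode access
 switchport port-security
 ! assumed limit: e.g. one PC plus one IP phone
 switchport port-security maximum 2
 ! learned MACs are written into the running-config as sticky entries
 switchport port-security mac-address sticky
 ! shutdown (default) = port goes err-disabled on violation
 ! restrict = drop offending frames, count and log the violation
 ! protect  = drop offending frames silently
 switchport port-security violation shutdown
 exit
! optional: bring err-disabled ports back automatically (assumed 300 s)
errdisable recovery cause psecure-violation
errdisable recovery interval 300
end
!
! sticky entries survive a reload only if the config is saved
copy running-config startup-config
!
! verify: status, violation counter, learned addresses
show port-security
show port-security interface Fa0/1
show port-security address
show interfaces status err-disabled
!
! manual recovery of an err-disabled port after the cause is removed
conf t
interface Fa0/1
 shutdown
 no shutdown
end
```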
###############
VLAN Config
###############
do not use auto creation on interface
conf t
vlan number
int Fa0/0
switchport mode access | trunk
switchport access vlan number