A STEP-BY-STEP COMMAND GUIDE TO CONFIGURE NEW SWITCH

Before We Begin: Know What Hardware You’re Using and Download PuTTY 

The first step is to check what hardware you are using before you begin. If you are using a Cisco switch, you need to know what model you have. You also want to check the physical state of the device and verify that none of the cables is damaged. You can turn the router on to make sure there is no damage to the lighting/indicators.

Now that you have made sure, the device is in working order you are ready to start configuring.

In this guide, we are going to configure a Cisco switch through the command-line interface (CLI) with the open-source SSH/Telnet client PuTTY (although you can use another tool if you prefer). If for any reason putty is not an option for your setup, you can get similar results with a PuTTY alternative.

  1. Connect the Switch to PuTTY

To start configuration, you want to connect the switch console to PuTTY. You can do this by doing the following:

  1. Connect the switch to PuTTY with a 9-pin serial cable.
  1. Now open PuTTY and the PuTTY Configuration window will display. Go to the Connection type settings and check the Serial option
  2. Go to the Category list section on the left-hand side and select the Serial option.
  3. When the options controlling local serial lines page displays enter the COM port your network is connected to in the Serial line to connect to box e.g. COM5.
  4. Next, enter the digital transmission speed of your switch model. Go to the Data bits field and enter 8.
  5. Now go to the Stops bits field and enter 1.
  6. Click on the Parity drop-down menu and select the None option.
  7. Go to the Flow Control drop-down menu and select the None option.

The following message will display in the command prompt:

Switch>

2. Enter Privileged EXEC Mode and Set a Hostname for the Switch

Type in the enable command to enter privileged EXEC mode

Enable 

Next, enter Global Configuration Mode and enter the following command:

Switch# configure terminal 

Switch(config)#

You can make the switch easier to locate in the network by assigning a hostname. Enter the following command to assign a hostname:

Switch(config)# hostname access-switch1 

access-switch1(config#

3. Assign a Password to the Switch

Once you have assigned a hostname you will want to create a password to control who has access to the privileged EXEC mode (to prevent everyone from being able to log in). To assign an administrator password to enter the following command:

access-switch1(config)# enable secret PA$$@WORD

Remember to pick a strong password so that it is harder to figure out.

4. Configure Telnet and Console Access Passwords

The next step is to configure passwords for Telnet and console access. Configuring passwords for these is important because it makes your switch more secure. If someone without authorization gains telnet access then it puts your network at serious risk. You can configure passwords by entering the following lines

Telnet

access-switch1(config)# line vty 0 15

access-switch1(config-line)# password PA$$@WORD

access-switch1(config-line)# login

access-switch1(config-line)# exit

access-switch1(config)#

Console

access-switch1(config)# line console 0

access-switch1(config-line)# password PA$$@WORD

access-switch1(config-line)# login

access-switch1(config-line)# exit

access-switch1(config)#

5. Configure IP Addresses With Telnet Access

The next step is to decide which IP addresses will have access to Telnet, and add them with the PuTTY CLI. To select permitted IP’s enter the following command (replace the listed IPs with the IPs of the components you want to grant permission to):

access-switch1(config)# ip access-list standard TELNET-ACCESS

access-switch1(config-std-nacl)# permit 216.174.200.21

access-switch1(config-std-nacl)# permit 216.174.200.21

access-switch1(config-std-nacl)# exit

You can also configure your network’s access control lists (ACLs) to virtual terminal (VTY) lines. ACLs ensure that only the administrator can connect to the router through Telnet.

access-switch1(config)# line vty 0 15

access-switch1(config-line)# access-class TELNET-ACCESS in

access-switch1(config-line)# exit

access-switch1(config)#

6. Configure a Network Management IP address (or Management Interface)

Next, you need to configure a network management IP address. Switches don’t come with an IP address by default, meaning that you can’t connect to it with Telnet or SSH. To solve this problem you can select a virtual LAN(VLAN) on the switch and create a virtual interface with an IP address. You can do this by entering the following command:

access-switch1(config)# interface vlan 1

access-switch1(config-if)# ip address 192.168.1.1 255.255.255.0

access-switch1(config-if)# exit

access-switch1(config)#

The new IP management address is located in VLAN1, which other computers will now use to connect.

7. Assign a Default Gateway to the Switch

At this stage, you want to assign a default gateway to the switch. The default gateway is essentially the address of the router that the switch will be communicating with. If you don’t configure a default gateway then VLAN1 will be unable to send traffic to another network. To assign the default gateway, enter the command below (change the IP address to that of your router).

access-switch1(config)# ip default-gateway 192.168.1.254

8. Disable Unused Open Ports

As a best practice, it is a good idea to disable any unused open ports on the switch. Cyber criminals often use unsecured ports as a way to breach a network. Closing these ports down reduces the number of entry points into your network and makes your switch more secure. Enter the range of ports you want to close by entering the following command (you would change 0/25-48 to the ports that you want to close):

access-switch1(config)# interface range fe 0/25-48

access-switch1(config-if-range)# shutdown

access-switch1(config-if-range)# exit

access-switch1(config)#

9. Save Your System Configuration Settings

Once you’ve finished configuring the router it’s time to save your system configuration. Saving the configuration will make sure that your settings are the same when you open up your next session. To save enter the following command:

access-switch1(config)# exit

access-switch1# wr

Always remember to save any changes to your settings before closing the CLI.

Visits: 377
Total Page Visits: 509 - Today Page Visits: 6

About the author

Violet

View all posts