Basic Switch and End Device Configuration

Cards (67)

  • Cisco IOS Access
    1. Explain how to access a Cisco IOS device for configuration purposes
    2. Explain how to navigate Cisco IOS to configure network devices
    3. Describe the command structure of Cisco IOS software
    4. Configure a Cisco IOS device using CLI
    5. Use IOS commands to save the running configuration
    6. Explain how devices communicate across network media
    7. Configure a host device with an IP address
    8. Verify connectivity between two end devices
  • IOS Navigation
    Global Configuration Mode is used to access configuration
  • Access Methods: Console is a physical management port for initial configurations. Secure Shell (SSH) establishes a secure remote CLI connection. Telnet establishes an insecure remote CLI connection. Terminal emulation programs like PuTTY, Tera Term, and SecureCRT are used to connect to network devices
  • GUI allows user interaction with graphical icons, menus, and windows. It is more user-friendly and requires less knowledge of the underlying command structure. Examples include Windows, macOS, Linux KDE, Apple iOS, and Android. Network devices are typically accessed through a CLI
  • Operating Systems: Shell allows users to request specific tasks from the computer through CLI or GUI interfaces. Kernel communicates between hardware and software, managing hardware resources. Hardware is the physical part of a computer including underlying electronics
  • PC operating system enables using a mouse, entering text-based commands, and viewing output on a monitor. CLI-based network operating system enables using a keyboard for CLI-based network programs, entering text-based commands, and viewing output on a monitor
  • Module Objectives
    • Implement initial settings including passwords, IP addressing, and default gateway parameters on a network switch and end devices
  • Primary Command Modes: User EXEC Mode allows access to basic monitoring commands. Privileged EXEC Mode allows access to all commands and features
  • IOS Navigation
    1. Video – Navigation Between IOS Modes
    2. This video will cover the following: enable, disable, configure terminal, exit, end, Control + Z on keyboard, Other commands to enter sub configuration modes
  • IOS Navigation
    1. Navigation Between IOS Modes
    2. Privileged EXEC Mode: To move from user EXEC mode to privileged EXEC mode, use the enable command.
    3. Global Configuration Mode: To move in and out of global configuration mode, use the configure terminal command. To return to privileged EXEC mode, use the exit command.
    4. Line Configuration Mode: To move in and out of line configuration mode, use the line command followed by the management line type. To return to global configuration mode, use the exit command.
  • IOS Navigation
    1. Configuration Mode and Subconfiguration Modes
    2. Global Configuration Mode: Used to access configuration options on the device
    3. Line Configuration Mode: Used to configure console, SSH, Telnet or AUX access
    4. Interface Configuration Mode: Used to configure a switch port or router interface
  • IOS Command Syntax Check: A command might require one or more arguments. To determine the keywords and arguments required for a command, refer to the command syntax. Boldface text indicates commands and keywords that are entered as shown. Italic text indicates an argument for which the user provides the value. Square brackets indicate an optional element (keyword or argument). Braces indicate a required element (keyword or argument). Braces and vertical lines within square brackets indicate a required choice within an optional element. Spaces are used to clearly delineate parts of the command
  • Allows access to all commands and features
  • Identified by the CLI prompt that ends with the # symbol
  • IOS Navigation
    1. Navigation Between IOS Modes (Cont.)
    2. Subconfiguration Modes: To move out of any subconfiguration mode to get back to global configuration mode, use the exit command. To return to privileged EXEC mode, use the end command or key combination Ctrl+Z. To move directly from one subconfiguration mode to another, type in the desired subconfiguration mode command. In the example, the command prompt changes from (config-line)# to (config-if)#.
  • IOS Navigation
    1. Video – IOS CLI Primary Command Modes
    2. This video will cover the following: User EXEC mode, Privileged EXEC mode, Global Config mode
  • The command syntax provides the pattern, or format, that must be used when entering a command. The command is ping and the user-defined argument is the ip-address of the destination device. For example, ping 10.10.10.5. The command is traceroute and the user-defined argument is the ip-address of the destination device. For example, traceroute 192.168.254.254. If a command is complex with multiple arguments, you may see it represented like this
  • Basic IOS Command Structure: Keyword – This is a specific parameter defined in the operating system. Argument - This is not predefined; it is a value or variable defined by the user
  • Hot Keys and Shortcuts make configuring, monitoring, and troubleshooting easier in IOS CLI
  • Keystrokes for operation exit
    • Ctrl-C - Ends the configuration mode and returns to privileged EXEC mode
    • Ctrl-Z - Ends the configuration mode and returns to privileged EXEC mode
    • Ctrl-Shift-6 - All-purpose break sequence used to abort DNS lookups, traceroutes, pings, etc
    • Enter Key - Displays the next line
    • Space Bar - Displays the next screen
    • Any other key - Ends the display string, returning to privileged EXEC mode
  • Lab - Navigate the IOS by Using Tera Term for Console Connectivity
    1. Access a Cisco Switch through the Serial Console Port
    2. Display and Configure Basic Device Settings
    3. Access a Cisco Router Using a Mini-USB Console Cable (Optional)
  • Command Structure
    1. IOS has two forms of help available: context-sensitive help and command syntax check
    2. Context-sensitive help enables finding answers to questions like available commands in each command mode, commands starting with specific characters, available arguments and keywords to particular commands
    3. Command syntax check verifies that a valid command was entered by the user and provides feedback if the interpreter cannot understand the command
  • Packet Tracer is used to navigate the IOS by establishing basic connections, accessing the CLI, and exploring help
  • Keystrokes for command line editing
    • Tab - Completes a partial command name entry
    • Backspace - Erases the character to the left of the cursor
    • Left Arrow or Ctrl+B - Moves the cursor one character to the left
    • Right Arrow or Ctrl+F - Moves the cursor one character to the right
    • Up Arrow or Ctrl+P - Recalls the commands in the history buffer, beginning with the most recent commands
  • Device Names
    • The first configuration command on any device should be to give it a unique hostname
    • All devices are assigned a factory default name, e.g., a Cisco IOS switch is "Switch"
    • Guidelines for naming devices: Start with a letter, Contain no spaces, End with a letter or digit, Use only letters, digits, and dashes, Be less than 64 characters in length
  • Access a Cisco Switch through the Serial Console Port
    Display and Configure Basic Device Settings
  • Securing VTY line access
    First, enter line VTY configuration mode using the line vty 0 15 command in global configuration mode. Next, specify the VTY password using the password password command. Finally, enable VTY access using the login command.
  • Securing user EXEC mode access
    First, enter line console configuration mode using the line console 0 command in global configuration mode. Next, specify the user EXEC mode password using the password password command. Finally, enable user EXEC access using the login command.
  • Banner Messages
    A banner message is important to warn unauthorized personnel against attempting to access the device. To create a banner message of the day on a network device, use the banner motd # the message of the day # global config command.
  • This video will cover: Access the command line to secure the switch, Secure access to the console port, Secure virtual terminal access for remote access, Encrypt passwords on the switch, Configure the banner message, Verify security
  • Password Guidelines
    • The use of weak or easily guessed passwords is a security concern
    • All networking devices should limit administrative access by securing privileged EXEC, user EXEC, and remote Telnet access with passwords. In addition, all passwords should be encrypted and legal notifications provided
    • Password Guidelines: Use passwords that are more than eight characters in length, Use a combination of upper and lowercase letters, numbers, special characters, and/or numeric sequences, Avoid using the same password for all devices, Do not use common words because they are easily guessed
  • Copyright by Cisco and/or its affiliates. All rights reserved. Cisco Confidential
    2016
  • The banner will be displayed on attempts to access the device
  • Securing privileged EXEC mode access
    First, enter global configuration mode. Next, use the enable secret password command.
  • Encrypt Passwords
    The startup-config and running-config files display most passwords in plaintext. To encrypt all plaintext passwords, use the service password-encryption global config command. Use the show running-config command to verify that the passwords on the device are now encrypted.
  • Capture Configuration to a Text File
    1. Configuration files can also be saved and archived to a text document.
    2. Step 1. Open terminal emulation software, such as PuTTY or Tera Term, that is already connected to a switch.
    3. Step 2. Enable logging in to the terminal software and assign a name and file location to save the log file. The figure displays that All session output will be captured to the file specified (i.e., MySwitchLogs).
    4. Step 3. Execute the show running-config or show startup-config command at the privileged EXEC prompt. Text displayed in the terminal window will be placed into the chosen file.
    5. Step 4. Disable logging in the terminal software. The figure shows how to disable logging by choosing the None session logging option
    6. Note: The text file created can be used as a record of how the device is currently implemented. The file could require editing before being used to restore a saved configuration to a device.
  • There are two system files that store the device configuration:
  • To save changes made to the running configuration to the startup configuration file
    Use the copy running-config startup-config privileged EXEC mode command
  • An IPv4 subnet mask is a 32-bit value that differentiates the network portion of the address from the host portion. Coupled with the IPv4 address
  • The use of IP addresses is the primary means of enabling devices to locate one another and establish end-to-end communication on the internet.