switch - pt 1
Back   |  Part 1 |  Part 2  | Chall 1  | Chall 2   | Chall 3 |  [Bill's Home]

[Expand][PDF][EXE Version - Time limited]

The CISCO Cayalist 2800-series switch that the emulation was performed on is:

You can see that it has 24 ports, which are named fa0/1 (port 1), fa0/2 (port 2), ..., fa0/24 (port 24).

Perform the following:

SHOWING VERSION OF SWITCH OS

Initially you will be in the user executive (Exec) mode, and the functions that you can perform are limited.

1

Use the ? command to view the commands in this mode.

 

What commands are available in Exec mode?

2

Use the show version command to show the current operating system details.

 

How many Ethernet ports does the switch have?

 

What is the MAC address of the switch?

SETTING THE HOST NAME AND IP INFORMATION.

Next go into the privileged executive mode:

1

Go into the privileged mode by typing enable.

 

How does the prompt change?

2

Use the ? command to view the commands in this mode.

 

What commands are available in Privileged Exec mode?

3

Configure the device using by typing config t.

 

How does the prompt change?

4

Set the hostname by typing hostname myhost.

5

Go back to the user executive mode with the command exit.

6

Show the IP parameters of the switch with the command show ip interface.

 

What are the parameters displayed?

7

Go back to configuration mode with config t.

8

Configure the VLAN with the interface vlan 1 command.

9

Set the IP address and subnet mask with the command ip address 192.168.0.1 255.255.255.0.

10

Use no shutdown to start the VLAN.

11

Go back to privileged mode with exit.

12

Show the IP parameters again with show ip interface.

 

What are the parameters displayed?

13

From the config mode, set the gateway address to 192.168.0.2, the domain-name is mycomp.com, the name-server to 192.168.0.10, using:

(config)# ip default-gateway 192.168.0.2
(config)# ip domain-name mycomp.com
(config)# ip name-server 192.168.0.10


14

Show the main system configuration with show running-config.

 

What are the parameters displayed?

SETTING UP A TELNET INTERFACE FOR THE SWITCH. It is possible to remotely log into the switch over the network using TELNET. To do this the following is achieved:

1

Go to the Executive Privileged mode (that is, with the # prompt).

2

Go to the configuration mode (that is, with the (config) # prompt).

3

Use the line line vty 0 15 to create up to 16 possible TELNET sessions.

4

Use the password fred to define the password as fred

5

Exit from the config mode with end.

6

Show the current running configuration with show running-config.
Has the configuration been updated?

SAVING THE CONFIGURATION. The changes that are made are made only to the running configuration (running-configuration). Once the user has verified that the new changes are okay, they should copy the running configuration into the startup configuration (startup-configuration). Once this is done, the switch will startup with the updated changes. To do this the copy running-config startup-config command is used.

1

Go to the configuration model (that is, with the (config) # prompt).

2

Use the copy running-config startup-config command.

Other methods include:

copy running-config tfp which copies the running config to the TFTP server.
copy tftp running-config which copies from the TFTP server to the current running config.

SHOWING YOUR COMMANDS. The switch stores all the previous commands, which can be recalled with the show history command.

1

Use the show history to display the previous commands.

SCROLLING THROUGH PREVIOUS COMMANDS. The UP and DOWN arrow keys can be used to scroll through the previous command, of which the user can select any of them, as required.

1

Use the UP and DOWN arrows to scroll through the command.

SETTING UP A VLAN. One of the great advantages of switches is that it is possible to create a VLAN, which allows the actual topology of the network to be defined by software rather than actual physical connections. In the following the VLAN is given a name, and then ports are assigned to it.

1

Go to the privileged executive mode (that is, with the # prompt).

2

Use the show vlan command to view the currently assigned VLANs.

 

What are the names of the currently assigned VLANs?

3

Use the vlan database command to go into the vlan configuration mode.

 

How does the prompt change?

4

Use the ? command to view the commands in this mode.

5

Use the show command to view the currently assigned VLANS.

 

What VLANs are currently present?

6

Use the vlan 2 name fred to change the name of VLAN number 2 to fred.

 

What message is displayed?

7

Use the show command to view the currently assigned VLANS.

 

Has the VLAN been added?

8

Exit from vlan and configuration modes, and run show vlan again.

 

How has the names of the VLANs changed?

 

PROGRAMMING THE INTERFACE AND ASSIGNING PORTS TO VLANS.

1

Configure the interface by typing interface.

 

How does the prompt change?

2

Determine the commands that can be used in the interface menu with ?. List a few of these command.

 

What commands are available in Interface Configuration mode?

3

Program the first Ethernet port on the switch (which is 0/1, where the first digit identifies the Ethernet port and the second digit identifies the port number). Do this by entering the Ethernet 0/1 command.

4

Define the this port is assigned to VLAN 2 with the switchport access vlan 2 command.

5

Program the second Ethernet port on the switch (which is 0/2). Do this by entering the Ethernet 0/2 command.

6

Define the this port is assigned to VLAN 2 with the switchport access vlan 2 command.

7

Go back to the Privileged Exec mode, and use the show vlan command to show the assigned VLANs against ports.

This is shown next:

RESETING THE SWITCH. The two commands to reset the switch are delete nvram and delete vtp, which can be entered from the config mode.

1

Go to the user exec mode (that is, with the # prompt).

2

Use the erase nvram command.

2

Use the erase vtp command.

REDUCING COMMANDS. Many commands can be truncated to a shorter form, such as: sh (show), conf (configuration), e (ethernet), fa (fastethernet), and so on.

SETTING OTHER PARAMETERS ON THE PORT. Apart from defining shutdown, no shutdown and description on the ports, it is possible to set the speed with the speed command (10 - 10 Mbps, 100 - 100 Mbps or auto - autospeed), and with duplex whether the port supports full-duplex (full), half-duplex (half) or auto.

1

Go to the priviliged interface mode (that is, with the (config) # prompt). Next configure the third Ethernet port with the command int e0/1 (which is the short form of interface ethernet 0/1)

2

Use the speed 10 command to set the speed to 10Mbps.

3

Use the duplex half command for half-duplex.

4

Go back to the Priviliged mode (#) and run show running-config, and check that the parameters have been set.

ENABLING SPANNING-TREE. Spanning-tree is used to allow the switch to discover the layout of interconnected networks.

1

Go to the priviliged interface mode (that is, with the (config) # prompt).

2

Use the spanning-tree vlan 1 command to enable it.

3

Use the show spanning to show the spanning-tree topology.

SETTING LINE CONSOLE PASSWORD. The console password is set by using the line con 0 command from the Priviged Exec mode, and then using the password command.

1

Go to the priviliged interface mode (that is, with the (config) # prompt). Next configure the third Ethernet port with the line con 0 (which is the short form of line console 0)

2

Use the password fred command to set the password to fred.

3

Go back to the Priviliged mode (#) and run show running-config, and check that the parameters have been set.

RESTARTING THE SWITCH. Often the administrator must restart the switch (possibly to be able to reapply settings). To do this the reload command is used:

1

Go to Privilged Exec mode.

2

Use the reload command to reboot the switch.

 

What are the messages shown?

 

ENABLING SNMP. SNMP is an excellent protocol which allows remote devices to interrogate network parameters on the local device. As SNMP could cause a security breach if it is not setup correctly, it is off by default. To turn it on:

1

Go to Config mode.

2

Use the snmp enable traps command to initialise snmp.

3

Use the show running-config to view the snmp setup.

4

Use the show snmp to view the results from the SNMP agent.

Showing help. Many commands contain a help version. For this type in the command and a '?'. For example:

2

show ?

3

show ip ?

SHOWING THE CONTENTS OF THE FLASH MEMORY. The Flash memory contains the OS, HTML pages, and so on. It can be viewed using the following command:

1

show flash

2

What files and directories are shown?

CHANGING AND LISTING DIRECTORIES. The file structure can be listed using the DIR command and the directory can be changed with CD (as with DOS).

1

Go into the html folder using the cd html command, and then uses the dir command to list its contents.

 

What files are shown?

2

Go back to the top level folder using the cd .. command, and then uses the dir command to list its contents.

ENABLING AND DISABLING CDP. CDP (Cisco Discovery Protocol) allows ports to discover the parameters of their neighhours. It is

1

Go into interface mode for e0/1 (That is port 1).

2

To enable the CDP command the command used is cdp enable (it is enabled by default). To disable it, use the command no cdp enable.

3

Go back to the Exec mode, and show that the no cdp enable statement has been added to port 1.

4

The parameters used for CDP are showb with show cdp.

 

What parameters shown?

4

The arguments used with the CDP command can be shown with show cdp ?.

 

What arguments are used?

5

Show the CDP status on each port with show cdp interface.

 

What parameters shown?

6

Show the CDP traffic is show cdp traffic.

 

What parameters shown?

7

Show the CDP information of switch's neighbours with show cdp neighbors.

 

What are the connected devices?

8

For general CDP configuration, go to Config Exec mode and use cdp ?.

9

Use the cdp holdtime 20 command to set the hold timer to 20.

10

Use the cdp timer 30 command to set the timer to 30.

11

Show the running-configuration to check that the commands have been added.

SETTING UP A WWW SERVER. One of the best ways to access a switch remotely is to use a WWW browser, and access the switch with http:\\switch_address. The WWW server is initiated with the following:

1

In User Exec mode [#(config)], use the ip http server command to initiate the WWW server.

2

Exit User Exec mode and run show running, and check that the WWW server has been started.

3

To stop the WWW server, use the no ip http server command. Check that the WWW server has been stopped.

REMOVING ADDRESSES. A command such as ip address w.z.y.z a.b.c.d can be remove by inserting a no in-front of the command. For example:

1

Go to vlan interface for VLAN 1 (config t, followed by interface vlan 1). Use the command no ip address command to remove the IP address. Go to the User Exec mode, and check that the IP address has been removed.

2

The same can be done for ip domain-name (no domain-name), ip gateway (no gateway), and ip name-server (no name-server).

ADDING PASSWORDS. There are two main passwords. The first is for the EXEC level, and the second is for the Priviledged EXEC level.

1

Go privileged EXEC level (config)#, and enter enable password level 1 fred, to change the EXEC password to fred.

2

Go privileged EXEC level (config)#, and enter enable password level 15 bert, to change the privileged EXEC password to bert.

3

Show running-config, and prove that the passwords have been set.

Bridge commands:

(config#) bridge bridge-number - Configure parameters for a bridge group.
(config#) no bridge bridge-number -Remove bridge group.
(config#) bridge-group enable - Enable port grouping using bridge groups.
(config#) no bridge-group enable - Disable port grouping using bridge groups.
(config-if#) bridge-group bridge-number - Configure parameters for a bridge group on an interface.
(config-if#) no bridge-group -group bridge-number -Remove bridge group on an interface.

CGMP commands:


(config#) cgmp- Enable CGMP (Cisco Group Management Protocol).
(config#) no cgmp - Disable CGMP.
(config#) cgmp remove mac-address - Remove a MAC address from CGMP (Cisco Group Management Protocol).
(config#) cgmp hold-time - Set CGMP hold-time.

Changing the HTTP port. In some cases, firewalls are setup to block port 80 (for WWW server traffic), thus the HTTP sometimes has to be changed. To do this the following is used:

(config#) ip http port portno - Set HTTP port number.
(config#) no ip http port portno - Disable HTTP port number.

Other commands:

show interface e0/1 - Show the interface parameters for port 1.
show users - Show connected users.
show snmp - Show SNMP statistics.
show hosts - Show host parameters (domain name, name server, and so on).
show alias - Show host parameters (domain name, name server, and so on).
show boot - Show boot parameters.
show post - Show the results of the post test.
show dot1x - Show details of IEEE 802.1x.

Challenge:

Challenge 1
Challenge 2

The list of commands used is:

Switch> show version
Switch> enable
Switch# config t
myhost(config)# hostname myhost
myhost(config)# exit
myhost# show ip interface
myhost# config t
myhost(config)# interface vlan 1
myhost(config-if)# ip address 192.168.0.1 255.255.255.0
myhost(config-if)# no shutdown
myhost(config-if)# exit
myhost(config)# exit
myhost# show ip interface
myhost# config t
myhost(config)# ip default-gateway 192.168.0.2
myhost(config)# ip domain-name mycomp.com
myhost(config)# ip name-server 192.168.0.10
myhost(config)# exit
myhost# show running-conf
myhost# config t
myhost(config)# line con 0
myhost(config-line)# password fred
myhost(config-line)# exit
myhost(config)# line vty 0 15
myhost(config-line)# password fred
myhost(config-line)# exit
myhost(config)# exit
myhost# copy running-config startup-conf
myhost# show history
myhost# show vlan
myhost# vlan database
myhost(vlan)# vlan 2 name fred
myhost(vlan)# exit
myhost# show vlan
myhost# config t
myhost(config)# interface e0/1
myhost(config-if)# switchport access vlan 2
myhost(config-if)# exit
myhost(config)# interface e0/2
myhost(config-if)# switchport access vlan 2
myhost(config-if)# exit
myhost(config)# exit
myhost# show vlan
myhost# delete nvram
myhost# delete vtp
myhost# config t
myhost(config)# interface e0/1
myhost(config-if)# speed 10
myhost(config-if)# duplex half
myhost(config-if)# exit
myhost(config)# exit
myhost# show running-config
myhost# show snmp
myhost# show flash
myhost# cd html
myhost# dir
myhost# cd ..
myhost# dir
myhost# config t
myhost(config)# interface e0/1
myhost(config-if)# no cdp enable
myhost(config-if)# exit
myhost(config)# exit
myhost# show cdp
myhost# show cdp traffic
myhost# show cdp neighbors
myhost# config t
myhost(config)# cdp holdtime 20
myhost(config)# cdp timer 30
myhost(config)# exit
myhost# show running
myhost# config t
myhost(config)# ip http server
myhost(config)# exit
myhost# show running

 

If you would like to register the switch emulator, or obtain the full version, please complete the following:



If you would like to register the router emulator, or obtain the full version, please complete the following: