fea a Configuring a Switch ‘This chapter provides information and commands concerning the following topes: + Help commands + Command modes + Verifying commands + Resetting switch configuration + Setting host names + Setting passwords + Setting IP addresses and defeult gateways + Setting interface descriptions + Setting duplex operation + Setting operation speed + Managing the MAC address table + Configuring static MAC addresses + Switeh por security + Verifying switch port security + Sticky MAC addrestes + Configuration example Help Commands ‘switehe? "The ? works ‘Command Modes ‘iteh> onal User mode, same as a router ‘witehe Privileged mode switehidieable ‘Leaves privileged mode switchooxtt Leaves user mode106 _Veritying Commands Verifying Commands ‘ewitchtahow version Displays information about solwaze and hardware ‘switchtshow flash: Displays information about flash memory (forthe 2900/ 12950 series only) ‘Switch#show mac-address table Displays the current MAC address forwarding table ‘witehtehow controllers ethernet controller Displays information about the Ethernet controller. switcheshow running: contig Displays the current configuration in DRAM. ‘witehahow ‘startup-contig, Displays the current configuration in NVRAM, ‘ewitcheshow post Displays whether the switeh| passed POST. witehahow van Displays the current VLAN configuration, ewitcheshow interfaces: Displays the interface configuration and status of line: upfup, up/down, adrain own, NOTE: This command is ‘unsupported in some Cisco 108 Software releases, 3 5 12.205)FX. ewitch#show interface viant Displays setting of viral inerface VLAN 1, the default VLAN on the switeh, NOTE: This command is ‘unsupported in some Cisco 108 Software releases, such 5 12.205)FX.Setting Passwords 107 Resetting Switch Configuration Snitchedelete flashivian dat Removes the VLAN database from lash memory. ‘ilenane [vlan det]? Press Ente Delete flashivian.dat? [confirm Reconfirm by pressing Switchtorase startup-config Bases the file from NVRAM output onitved> Suitehéreloed Restarts the switch Setting Host Names Switchéeentigure terminal ‘Moves to global configuration ode Switch contig) #hostrane 28686witch (Creates a locally signiticant host name of the switch. This ts the same command asthe 29605wi ten(cont ig) Setting Passwords Setting passwords forthe 2960 series switchs i the same method as used for a router, 2eeoswiten(contigifenable password cisco | Seis the enable password to ‘e60Snitch(contig) enable secret class Seis the encrypted secret password 0 class 29605wiven(contig)/Line console ers line console mode ‘2960S4iten(config-Line) Hagin Enables password checking ‘2960Snitch(config-Line) spaseword ei8e0 Sete the pastword t cisco 29605ni ten (contig-Line)fexit Exits line console mode 29608witen(config-Line)#lane aux @ ers line auniliary mode108 _ Setting Interface Descriptions 29605wien(contig-1ine) #egan ables password checking 29605nir le Enter privileged mode, switchseonfigure terminal Bates global configuration rode ‘witch eontig)éne dp donain-Lookup “Tums off Domain Name System (DNS) queries so that spelling mistakes donot slow you down ‘Switch (contig) #hestrane 2960 ‘Sets the host name ‘2960 (config)¥enable secret cisco ‘Sets the encrypted secret password to cisco. 7960(conTig)#Line console @ ners line console mode, 72960 (contig: Line) Flogging synchronous “Appends commands toa new line; router information will not interzupt,114 Configuration Example 2960(config- Line) login ‘User must log in to console before use, ‘2060 (config-Line)#paseword ewiteh ‘Sets the password to switeh, 2960(config-Line)¥exee-tineout @ @ ‘Console will never log out 2960(conTig-Line)Wexat ‘Moves back to global configuration mode 2960 (contig) line ‘Moves to line auxiliary rode 2960(config-Line) login ‘User must lg into auxiliary port before use, ‘2060 (config-Line)#paseword clase ‘Sets the password to class 2960(config-Line) exit ‘Moves back to global configuration mode 2960(config)#line vty @ 18 ‘Moves to configure all 16 vy ports at the same time 2960(config-Line) #login ‘User must log in to vty port before use 2960(config-line)spaseword class ‘Sets the password to class £2960 (config- Line) #oxit ‘Moves back to global configuration mode. 2960(config)#ip default-gatoway 182.168.1.1 Sets default gateway. 2960 (contig) #interface vlan 1 ‘Moves to virtual interface VLAN 1 configuration ode 2960(config-it}wip address 192.168.1.2 255.285.255.0 ‘Sets the IP address and netmask for switch, (2960 (config-if)#no shutdown “Tum the virtual interface 2960(config-if}winterface tastethernet 0/1 ‘Moves to interface configuration mode for fastethernet OConfiguration Example 118 2960 (config-it}udescription Link to Bismarck Router ‘Sets local deseription 2960(config-if)winterface fastethernet 0/4 ‘Moves to interface configuration mode for fastethernet 0/4, 2960(config-i}#deseription Link te Workstation A ‘Sets a local deseription. 2960(config-it)Wewitehport port-security ‘Activates port security, ‘2060 (config-if]wewitehport port-eecurity maximum 1 ‘Only one MAC adress will be allowed inthe MAC able 2960 (contig-it)¥ewitehport port-security violation shutdown Port wil be tured off if sore than one MAC address is reported 2960(config-if}winterface fastethernet 0/6 Moves to interface configuration mode for fastethernet 0, 2960 config-itysdeseription Link to Workstation 6 ‘Ses a local description 27960 (config-if}wswitenport port-security Activates port security 72960 (contig-if)wowttehport part-security wmaxinum 1 ‘Only one MAC adress will be allowed in the MAC able. 2960 (config-if)wswitenport port-security Violation shutdown Pot wil be tuned offi ‘more than one MAC address ts reported 2960(config-if}#exit Returns to global configuration mode 2960 (contig) exit ‘Returns to privileged mode, ‘2es0#eopy running-contig startup-contig ‘Saves the configuration to NVRAM,