Tuesday, September 15, 2009

Initial Switch Configuration

In this post I'm just going to detail how to get a 2950 switch up with a very basic configuration. I'll build upon this config in later posts.



I start off by giving my switch a name (S1) and enabling a secret password (okay, I know its crap but this is a lab). I'll turn off domain lookups as they are very annoying every time I mistype something and give it a default gateway.

Switch>enable
Switch#configure terminal
Switch(config)#hostname S1
S1(config)#enable secret cisco
S1(config)#no ip domain-lookup
S1(config)#ip default-gateway 10.0.1.1


Now I'll set up the console port with a 30 minute time-out and a password of cisco.

S1(config)#line console 0
S1(config-line)#logging synchronous
S1(config-line)#exec-timeout 30 0
S1(config-line)#password cisco
S1(config-line)#login


I do the same for the VTY ports.

S1(config-line)#line vty 0 4
S1(config-line)#logging synchronous
S1(config-line)#exec-timeout 30 0
S1(config-line)#password cisco
S1(config-line)#login
S1(config-line)#exit


Theres no aux port on the switch so we can move on to VLAN 1. VLAN 1 is the default VLAN and in a later post I'll move everything out of this VLAN and just use it for administration but for now I'll set it up with an IP address so it's accessible by telnet. I also turn on password encryption and show the running-config so the password encryption service can works it's magic.

S1(config)#interface vlan 1
S1(config-if)#ip address 10.0.1.210 255.255.255.0
S1(config-if)#no shutdown
S1(config-if)#exit
S1(config)#service password-encryption
S1(config)#do show running-config



Building configuration...
Current configuration : 1658 bytes
!
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname S1
!
enable secret 5 $1$AqOD$ifdJ30Bwn.bJuBXRFov4O/
!
ip subnet-zero
no ip domain-lookup
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
no ip address
!
<-------------Cut------------------>
!
interface FastEthernet0/24
no ip address
!
interface Vlan1
ip address 10.0.1.210 255.255.255.0
no ip route-cache
!
ip default-gateway 10.0.1.1
ip http server
!
!
line con 0
exec-timeout 30 0
password 7 0822455D0A16
logging synchronous
login
line vty 0 4
exec-timeout 30 0
password 7 0822455D0A16
logging synchronous
login
line vty 5 15
login
!
end


Finally I set up a host entry for my router (R1), turn off the web server that I saw was on in the running-config, save the config to startup-config and reload.

S1(config)#ip host R1 10.0.1.220
S1(config)#no ip http server
S1(config)#exit
S1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
S1#reload


Thats it, the boring stuff is all over!



No comments: