Difference between revisions of "Cisco Switches"
m (Protected "Cisco Switches" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))) |
(Added subsection on setting up IP) |
||
Line 51: | Line 51: | ||
</nowiki> | </nowiki> | ||
== Set IP address == | |||
So as to be able to telnet or SSH on (if supported) instead of using the serial console | |||
<nowiki> | |||
switch#conf t | |||
Enter configuration commands, one per line. End with CNTL/Z. | |||
switch(config)#int vlan1 | |||
switch(config-if)#ip address 192.168.1.2 255.255.255.0 | |||
switch(config-if)#exit | |||
switch(config)#ip default-gateway 192.168.1.1 | |||
switch(config)#exit | |||
switch#</nowiki> | |||
== Create VLANs == | == Create VLANs == | ||
Looking at the vlan setup doesn't require enable but changing it does. | Looking at the vlan setup doesn't require enable but changing it does. |
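Review bot: in the added "Set IP address" text, telnet is offered alongside SSH with no preference stated, and the address is put on vlan1 although the "Create VLANs" section that follows says the goal is to turn off VLAN1. Suggest wording that prefers SSH wherever the switch supports it, and a sentence noting that the management address has to move to another VLAN interface before VLAN1 is turned off, otherwise the remote access this section sets up is lost.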
Revision as of 20:58, 4 May 2023
Generally it is better to use Cisco switches: the interface is familiar and works better than the web-driven rivals, they are more reliable, and familiarity is worth money, unlike any other switch or router (with the exception of Juniper).
Goals
Broadly, create the VLAN, add an IP address to VLANs where needed, and move ports into the VLAN.
Fix idle timeout
In the output of sh line vty 0, among other details, I can see the idle timeout is only ten minutes. I like to change it to thirty minutes to give me more thinking time and to make the notes on this page without it logging me out.
 switch>sh line vty 0
    Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
 *     1 VTY              -    -      -    -    -      8       0     0/0       -
 
 Line 1, Location: "", Type: "xterm-256color"
 Length: 24 lines, Width: 80 columns
 Baud rate (TX/RX) is 9600/9600
 Status: PSI Enabled, Ready, Active, No Exit Banner, Ctrl-c Enabled
   Automore On, Notify Process
 Capabilities: none
 Modem state: Ready
 Special Chars: Escape  Hold  Stop  Start  Disconnect  Activation
                 ^^x    none   -     -       none
 Timeouts:      Idle EXEC    Idle Session   Modem Answer  Session   Dispatch
                00:10:00        never                        none     not set
This is how I change it to thirty minutes:
 switch>en
 Password:
 switch#conf t
 Enter configuration commands, one per line.  End with CNTL/Z.
 switch(config)#line vty 0 15
 switch(config-line)#exec-timeout 30 0
 switch(config-line)#exit
 switch(config)#exit
 switch#disa
 switch>
Now the timeout is thirty minutes.
 switch>sh line vty 0
    Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
 *     1 VTY              -    -      -    -    -      8       0     0/0       -
 
 Line 1, Location: "", Type: "xterm-256color"
 Length: 24 lines, Width: 80 columns
 Baud rate (TX/RX) is 9600/9600
 Status: PSI Enabled, Ready, Active, No Exit Banner, Ctrl-c Enabled
   Automore On, Notify Process
 Capabilities: none
 Modem state: Ready
 Special Chars: Escape  Hold  Stop  Start  Disconnect  Activation
                 ^^x    none   -     -       none
 Timeouts:      Idle EXEC    Idle Session   Modem Answer  Session   Dispatch
                00:30:00        never                        none     not set
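The idle timeout is set per range of vty lines, so a change applied to only part of the range leaves the remaining lines on the ten-minute default. As an added example (not part of the original page), this Python check reads a saved running-config and reports the timeout each vty line ends up with, flagging lines that never time out or exceed a chosen limit. The sample config, the 30-minute limit and the function names are constructed for illustration.

```python
import re

DEFAULT_SECS = 10 * 60  # default idle timeout: the ten minutes seen above

# Constructed sample, not taken from a real switch.
SAMPLE = """\
line con 0
 exec-timeout 0 0
line vty 0 4
 exec-timeout 30 0
line vty 5 15
 login
!
"""

def vty_timeouts(config):
    """Return {vty line number: idle timeout in seconds}; 0 means never."""
    timeouts, current = {}, []
    for raw in config.splitlines():
        line = raw.strip()
        block = re.fullmatch(r"line vty (\d+)(?: (\d+))?", line)
        if block:
            first = int(block.group(1))
            last = int(block.group(2) or first)
            current = list(range(first, last + 1))
            for n in current:
                timeouts.setdefault(n, DEFAULT_SECS)
        elif line and not raw.startswith(" "):
            current = []  # any other top-level command ends the vty block
        else:
            t = re.fullmatch(r"exec-timeout (\d+)(?: (\d+))?", line)
            if t:
                secs = int(t.group(1)) * 60 + int(t.group(2) or 0)
                for n in current:
                    timeouts[n] = secs
    return timeouts

def audit(config, limit_secs=30 * 60):
    """List (vty line, problem) for lines that never time out or exceed the limit."""
    findings = []
    for n, secs in sorted(vty_timeouts(config).items()):
        if secs == 0:
            findings.append((n, "never times out"))
        elif secs > limit_secs:
            findings.append((n, f"{secs // 60} min exceeds limit"))
    return findings

if __name__ == "__main__":
    for n, secs in sorted(vty_timeouts(SAMPLE).items()):
        print(f"vty {n}: {secs // 60} min")
    print(audit(SAMPLE) or "no findings")
```

In the sample, vty 0 to 4 get thirty minutes while vty 5 to 15 stay at ten, which is why the page applies the change to line vty 0 15 in one go.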
Set IP address
Set an IP address so that you can telnet or SSH in (if supported) instead of using the serial console.
 switch#conf t
 Enter configuration commands, one per line.  End with CNTL/Z.
 switch(config)#int vlan1
 switch(config-if)#ip address 192.168.1.2 255.255.255.0
 switch(config-if)#exit
 switch(config)#ip default-gateway 192.168.1.1
 switch(config)#exit
 switch#
Create VLANs
Looking at the VLAN setup doesn't require enable, but changing it does.
 switch>sh vlan
 
 VLAN Name                             Status    Ports
 ---- -------------------------------- --------- -------------------------------
 1    default                          active    Gi1/0/1, Gi1/0/2, Gi1/0/3
                                                 Gi1/0/4, Gi1/0/5, Gi1/0/6
                                                 Gi1/0/7, Gi1/0/8, Gi1/0/9
                                                 Gi1/0/10, Gi1/0/11, Gi1/0/12
                                                 Gi1/0/13, Gi1/0/14, Gi1/0/15
                                                 Gi1/0/16, Gi1/0/17, Gi1/0/18
                                                 Gi1/0/19, Gi1/0/20, Gi1/0/21
                                                 Gi1/0/22, Gi1/0/23, Gi1/0/24
                                                 Gi1/0/25, Gi1/0/26, Gi1/0/27
                                                 Gi1/0/28, Gi1/0/29, Gi1/0/30
                                                 Gi1/0/31, Gi1/0/32, Gi1/0/33
                                                 Gi1/0/34, Gi1/0/35, Gi1/0/36
                                                 Gi1/0/37, Gi1/0/38, Gi1/0/39
                                                 Gi1/0/40, Gi1/0/41, Gi1/0/42
                                                 Gi1/0/43, Gi1/0/44, Gi1/0/45
                                                 Gi1/0/46, Gi1/0/47, Gi1/0/48
                                                 Gi1/0/49, Gi1/0/50, Gi1/0/51
                                                 Gi1/0/52
 1002 fddi-default                     act/unsup
 1003 trcrf-default                    act/unsup
 1004 fddinet-default                  act/unsup
 1005 trbrf-default                    act/unsup
At this point everything is in VLAN1, which is the default configuration. However, our goal here is to put ports into a relevant VLAN and turn off VLAN1. First we need to create some VLANs. Go into enable mode and conf t.
 switch>en
 Password:
 switch#conf t
 Enter configuration commands, one per line.  End with CNTL/Z.
 switch(config)#vlan 2
 switch(config-vlan)#name dmz
 switch(config-vlan)#exit
 switch(config)#exit
 switch#