2 Basic Switch and Device Configration-1
2 Basic Switch and Device Configration-1
2 Basic Switch and Device Configration-1
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Cisco IOS Access
Operating Systems
• Shell - The user interface that allows
users to request specific tasks from
the computer. These requests can be
made either through the CLI or GUI
interfaces.
• Kernel - Communicates between the
hardware and software of a computer
and manages how hardware
resources are used to meet software
requirements.
• Hardware - The physical part of a
computer including underlying
electronics.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Cisco IOS Access
GUI
• A GUI allows the user to interact with the
system using an environment of
graphical icons, menus, and windows.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Cisco IOS Access
Purpose of an OS
PC operating system enables a user to do CLI-based network operating system enables a
the following: network technician to do the following:
• Use a mouse to make selections • Use a keyboard to run CLI-based
and run programs network programs
• Enter text and text-based • Use a keyboard to enter text and
commands text-based commands
• View output on a monitor
• View output on a monitor
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Cisco IOS Access
Access Methods
• Console – A physical management port
used to access a device in order to
provide maintenance, such as
performing the initial configurations.
• Secure Shell (SSH) – Establishes a
secure remote CLI connection to a
device, through a virtual interface, over a
network. (Note: This is the recommended
method for remotely connecting to a
device.)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
2.2 IOS Navigation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
IOS Navigation
Primary Command Modes
User EXEC Mode:
• Allows access to only a limited
number of basic monitoring
commands
• Identified by the CLI prompt
that ends with the > symbol
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
IOS Navigation
Configuration Mode and Subconfiguration Modes
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
2.3 The Command Structure
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
The Command Structure
Basic IOS Command Structure
• Keyword – This is a specific parameter defined in the operating system (in the figure, ip
protocols).
• Argument - This is not predefined; it is a value or variable defined by the user (in the
figure, 192.168.10.5).
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
The Command Structure
IOS Command Syntax Check
A command might require one or more arguments. To determine the keywords
and arguments required for a command, refer to the command syntax.
• Boldface text indicates commands and keywords that are entered as shown.
• Italic text indicates an argument for which the user provides the value.
Convention Description
Boldface text indicates commands and keywords that you enter literally as
boldface
shown.
italics Italic text indicates arguments for which you supply values.
Braces and vertical lines within square brackets indicate a required choice
[x {y | z }] within an optional element. Spaces are used to clearly delineate parts of the
command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
The Command Structure
IOS Command Syntax Check (Cont.)
The command syntax provides the pattern, or format, that must be used when
entering a command.
If a command is complex with multiple arguments, you may see it represented like this:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
The Command Structure
Hot Keys and Shortcuts
• The IOS CLI provides hot keys and shortcuts that make configuring, monitoring, and
troubleshooting easier.
• Commands and keywords can be shortened to the minimum number of characters
that identify a unique selection. For example, the configure command can be
shortened to conf because configure is the only command that begins with conf.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
The Command Structure
Hot Keys and Shortcuts (Cont.)
The table below is a brief list of keystrokes to enhance command line editing.
Keystroke Description
Left Arrow or Ctrl+B Moves the cursor one character to the left.
Right Arrow or Ctrl+F Moves the cursor one character to the right.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
2.4 Basic Device Configuration
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Basic Device Configuration
Device Names
• The first configuration command on any device should be to
give it a unique hostname.
• By default, all devices are assigned a factory default name.
For example, a Cisco IOS switch is "Switch.”
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
Basic Device Configuration
Password Guidelines
• The use of weak or easily guessed passwords are a security concern.
• All networking devices should limit administrative access by securing privileged EXEC,
user EXEC, and remote Telnet access with passwords. In addition, all passwords should
be encrypted and legal notifications provided.
• Password Guidelines:
• Use passwords that are more than eight
characters in length.
• Use a combination of upper and lowercase
letters, numbers, special characters, and/or
numeric sequences. Note: Most of the labs in this course use simple
passwords such as cisco or class. These
• Avoid using the same password for all devices. passwords are considered weak and easily
• Do not use common words because they are guessable and should be avoided in production
easily guessed. environments.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Basic Device Configuration
Configure Passwords
Securing user EXEC mode access:
• First enter line console configuration mode
using the line console 0 command in global
configuration mode.
• Next, specify the user EXEC mode password
using the password password command.
• Finally, enable user EXEC access using
the login command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
Basic Device Configuration
Configure Passwords (Cont.)
Securing VTY line access:
• First enter line VTY configuration mode
using the line vty 0 15 command in
global configuration mode.
• Next, specify the VTY password using
the password password command.
• Finally, enable VTY access using
the login command.
Note: VTY lines enable remote access using Telnet or SSH to the device. Many Cisco
switches support up to 16 VTY lines that are numbered 0 to 15.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Basic Device Configuration
Encrypt Passwords
The startup-config and running-config files Use the show running-config command
display most passwords in plaintext. to verify that the passwords on the device
are now encrypted.
To encrypt all plaintext passwords, use
the service password-encryption global config
command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Basic Device Configuration
Banner Messages
A banner message is important to warn
unauthorized personnel from attempting
to access the device.
To create a banner message of the day
on a network device, use the banner The banner will be displayed on attempts to access the device.
motd # the message of the day # global
config command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
2.5 Save Configurations
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Save Configurations
Configuration Files
There are two system files that store the device configuration:
• startup-config - This is the saved configuration file that is stored in NVRAM. It contains all the commands that will be
used by the device upon startup or reboot. Flash does not lose its contents when the device is powered off.
• running-config - This is stored in Random Access Memory (RAM). It reflects the current configuration. Modifying a
running configuration affects the operation of a Cisco device immediately. RAM is volatile memory. It loses all of its
content when the device is powered off or restarted.
• To save changes made to the running configuration to the startup configuration file, use the copy running-config
startup-config privileged EXEC mode command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Save Configurations
Alter the Running Configurations
If changes made to the running config do not
have the desired effect and the running-config
has not yet been saved, you can restore the
device to its previous configuration. To do this
you can:
• Remove the changed commands individually.
• Reload the device using the reload command
in privilege EXEC mode. Note: This will cause
the device to briefly go offline, leading to
network downtime.
If the undesired changes were saved to the
startup-config, it may be necessary to clear all
the configurations using the erase startup-
config command in privilege EXEC mode.
• After erasing the startup-config, reload the
device to clear the running-config file from
RAM.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Save Configurations
Capture Configuration to a Text File
Configuration files can also be saved and
archived to a text document.
• Step 1. Open terminal emulation software,
such as PuTTY or Tera Term, that is already
connected to a switch.
• Step 2. Enable logging in to the terminal
software and assign a name and file location to
save the log file. The figure displays that All
session output will be captured to the file
specified (i.e., MySwitchLogs).
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Save Configurations
Capture Configuration to a Text File (Cont.)
• Step 3. Execute the show running-
config or show startup-config command at
the privileged EXEC prompt. Text displayed in
the terminal window will be placed into the
chosen file.
• Step 4. Disable logging in the terminal
software. The figure shows how to disable
logging by choosing the None session logging
option
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31